linux_dsm_epyc7002/net/ipv4
Subash Abhinov Kasiviswanathan 902d6a4c2a netfilter: nf_defrag: Skip defrag if NOTRACK is set
conntrack defrag is needed only if some module like CONNTRACK or NAT
explicitly requests it. For plain forwarding scenarios, defrag is
not needed and can be skipped if NOTRACK is set in a rule.

Since conntrack defrag is currently higher priority than raw table,
setting NOTRACK is not sufficient. We need to move raw to a higher
priority for iptables only.

This is achieved by introducing a module parameter "raw_before_defrag"
which allows to change the priority of raw table to place it before
defrag. By default, the parameter is disabled and the priority of raw
table is NF_IP_PRI_RAW to support legacy behavior. If the module
parameter is enabled, then the priority of the raw table is set to
NF_IP_PRI_RAW_BEFORE_DEFRAG.

Signed-off-by: Subash Abhinov Kasiviswanathan <subashab@codeaurora.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2018-01-11 13:14:20 +01:00
..
netfilter netfilter: nf_defrag: Skip defrag if NOTRACK is set 2018-01-11 13:14:20 +01:00
af_inet.c ip: do not set RFS core on error queue reads 2018-01-05 11:14:56 -05:00
ah4.c net: use -ENOSPC for transient busy indication 2017-11-03 22:11:17 +08:00
arp.c ipv4: mark expected switch fall-throughs 2017-10-18 14:10:29 +01:00
cipso_ipv4.c tcp/dccp: fix ireq->opt races 2017-10-21 01:33:19 +01:00
datagram.c
devinet.c ipv4: igmp: guard against silly MTU values 2017-12-13 13:13:58 -05:00
esp4_offload.c xfrm: Separate ESP handling from segmentation for GRO packets. 2017-12-20 10:41:31 +01:00
esp4.c esp: Don't require synchronous crypto fallback on offloading anymore. 2017-12-20 10:41:53 +01:00
fib_frontend.c ipv4: Fix use-after-free when flushing FIB tables 2017-12-20 15:12:39 -05:00
fib_lookup.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
fib_notifier.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
fib_rules.c net: fib_rules: Implement notification logic in core 2017-08-03 15:35:59 -07:00
fib_semantics.c ipv4: fib: Fix metrics match when deleting a route 2017-12-19 14:21:58 -05:00
fib_trie.c net: Add extack to fib_notifier_info 2017-11-01 11:50:43 +09:00
fou.c gue: fix remcsum when GRO on and CHECKSUM_PARTIAL boundary is outer UDP 2017-08-01 16:09:14 -07:00
gre_demux.c
gre_offload.c gso: fix payload length when gso_size is zero 2017-10-08 10:12:15 -07:00
icmp.c ipv4: icmp: use BUG_ON instead of if condition followed by BUG 2017-10-24 18:44:42 +09:00
igmp.c net: igmp: Use correct source address on IGMPv3 reports 2017-12-13 13:51:27 -05:00
inet_connection_sock.c net: sock: replace sk_state_load with inet_sk_state_load and remove sk_state_store 2017-12-20 14:00:25 -05:00
inet_diag.c inet_diag: Add equal-operator for ports 2018-01-02 13:54:04 -05:00
inet_fragment.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2017-11-15 11:56:19 -08:00
inet_hashtables.c net: tracepoint: replace tcp_set_state tracepoint with inet_sock_set_state tracepoint 2017-12-20 14:00:25 -05:00
inet_timewait_sock.c tcp/dccp: avoid one atomic operation for timewait hashdance 2017-12-13 14:33:10 -05:00
inetpeer.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-10-05 18:19:22 -07:00
ip_forward.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ip_fragment.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-11-04 09:26:51 +09:00
ip_gre.c net: erspan: remove md NULL check 2017-12-26 17:30:11 -05:00
ip_input.c IPv4: early demux can return an error code 2017-10-01 03:55:47 +01:00
ip_options.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ip_output.c udp: remove unreachable ufo branches 2017-08-22 14:27:18 -07:00
ip_sockglue.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ip_tunnel_core.c net: store port/representator id in metadata_dst 2017-06-25 11:42:01 -04:00
ip_tunnel.c ipv4: igmp: guard against silly MTU values 2017-12-13 13:13:58 -05:00
ip_vti.c ip_vti: remove the useless err_count check in vti_xmit 2017-11-01 11:57:32 +09:00
ipcomp.c
ipconfig.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ipip.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-10-30 21:09:24 +09:00
ipmr.c treewide: setup_timer() -> timer_setup() 2017-11-21 15:57:07 -08:00
Kconfig ip: update policy routing config help 2017-10-12 22:57:11 -07:00
Makefile net: tcp: Remove TCP probe module 2018-01-02 14:27:29 -05:00
netfilter.c netfilter: remove struct nf_afinfo and its helper functions 2018-01-08 18:11:02 +01:00
ping.c net: convert sock.sk_refcnt from atomic_t to refcount_t 2017-07-01 07:39:08 -07:00
proc.c tcp: retire FACK loss detection 2017-11-11 18:53:16 +09:00
protocol.c net: Add sysctl to toggle early demux for tcp and udp 2017-03-24 13:17:07 -07:00
raw_diag.c net: ipv6: add second dif to raw socket lookups 2017-08-07 11:39:22 -07:00
raw.c net: ipv4: fix for a race condition in raw_sendmsg 2017-12-11 14:05:31 -05:00
route.c xfrm: Move dst->path into struct xfrm_dst 2017-11-30 09:54:26 -05:00
syncookies.c tcp: Namespace-ify sysctl_tcp_workaround_signed_windows 2017-10-28 19:24:38 +09:00
sysctl_net_ipv4.c tcp: Namespace-ify sysctl_tcp_default_congestion_control 2017-11-15 14:09:52 +09:00
tcp_bbr.c tcp_bbr: reset long-term bandwidth sampling on loss recovery undo 2017-12-08 13:27:43 -05:00
tcp_bic.c tcp: consolidate congestion control undo functions 2017-08-06 21:25:10 -07:00
tcp_cdg.c tcp: cdg: make struct tcp_cdg static 2017-10-16 21:24:25 +01:00
tcp_cong.c tcp: Namespace-ify sysctl_tcp_default_congestion_control 2017-11-15 14:09:52 +09:00
tcp_cubic.c tcp: consolidate congestion control undo functions 2017-08-06 21:25:10 -07:00
tcp_dctcp.c Revert "dctcp: update cwnd on congestion event" 2016-12-06 11:34:24 -05:00
tcp_diag.c net: sock: replace sk_state_load with inet_sk_state_load and remove sk_state_store 2017-12-20 14:00:25 -05:00
tcp_fastopen.c tcp: pause Fast Open globally after third consecutive timeout 2017-12-13 15:51:12 -05:00
tcp_highspeed.c tcp: consolidate congestion control undo functions 2017-08-06 21:25:10 -07:00
tcp_htcp.c tcp: fix cwnd undo in Reno and HTCP congestion controls 2017-08-06 21:25:10 -07:00
tcp_hybla.c tcp: make undo_cwnd mandatory for congestion modules 2016-11-21 13:20:17 -05:00
tcp_illinois.c tcp: consolidate congestion control undo functions 2017-08-06 21:25:10 -07:00
tcp_input.c net: tcp: Add trace events for TCP congestion window tracing 2018-01-02 14:27:29 -05:00
tcp_ipv4.c tcp: md5: Handle RCU dereference of md5sig_info 2017-12-26 17:23:50 -05:00
tcp_lp.c tcp: switch TCP TS option (RFC 7323) to 1ms clock 2017-05-17 16:06:01 -04:00
tcp_metrics.c tcp: pause Fast Open globally after third consecutive timeout 2017-12-13 15:51:12 -05:00
tcp_minisocks.c tcp/dccp: avoid one atomic operation for timewait hashdance 2017-12-13 14:33:10 -05:00
tcp_nv.c tcp_nv: use do_div() instead of expensive div64_u64() 2017-11-04 22:34:52 +09:00
tcp_offload.c tcp: gso: avoid refcount_t warning from tcp_gso_segment() 2017-11-10 18:07:15 +09:00
tcp_output.c tcp: Split BUG_ON() in tcp_tso_should_defer() into two assertions 2018-01-08 14:12:26 -05:00
tcp_rate.c tcp: invalidate rate samples during SACK reneging 2017-12-08 10:07:02 -05:00
tcp_recovery.c tcp: evaluate packet losses upon RTT change 2017-12-08 14:14:11 -05:00
tcp_scalable.c tcp: consolidate congestion control undo functions 2017-08-06 21:25:10 -07:00
tcp_timer.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-12-16 22:11:55 -05:00
tcp_ulp.c tcp: ulp: avoid module refcnt leak in tcp_set_ulp 2017-08-14 22:17:05 -07:00
tcp_vegas.c tcp: fix under-evaluated ssthresh in TCP Vegas 2017-09-29 06:07:00 +01:00
tcp_vegas.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
tcp_veno.c tcp: consolidate congestion control undo functions 2017-08-06 21:25:10 -07:00
tcp_westwood.c tcp: Revert "tcp: remove CA_ACK_SLOWPATH" 2017-08-30 11:20:08 -07:00
tcp_yeah.c tcp: consolidate congestion control undo functions 2017-08-06 21:25:10 -07:00
tcp.c net: revert "Update RFS target at poll for tcp/udp" 2018-01-05 11:14:57 -05:00
tunnel4.c
udp_diag.c net: ipv6: add second dif to udp socket lookups 2017-08-07 11:39:22 -07:00
udp_impl.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
udp_offload.c net: accept UFO datagrams from tuntap and packet 2017-11-24 01:37:35 +09:00
udp_tunnel.c net: add infrastructure to un-offload UDP tunnel port 2017-07-24 13:52:59 -07:00
udp.c net: revert "Update RFS target at poll for tcp/udp" 2018-01-05 11:14:57 -05:00
udplite.c udplite: call proper backlog handlers 2016-11-24 15:32:14 -05:00
xfrm4_input.c xfrm: Reinject transport-mode packets through tasklet 2017-12-19 08:23:21 +01:00
xfrm4_mode_beet.c networking: make skb_pull & friends return void pointers 2017-06-16 11:48:39 -04:00
xfrm4_mode_transport.c xfrm: Add encapsulation header offsets while SKB is not encrypted 2017-04-14 10:07:39 +02:00
xfrm4_mode_tunnel.c xfrm: Separate ESP handling from segmentation for GRO packets. 2017-12-20 10:41:31 +01:00
xfrm4_output.c xfrm: Add an IPsec hardware offloading API 2017-04-14 10:06:10 +02:00
xfrm4_policy.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
xfrm4_protocol.c xfrm: input: constify xfrm_input_afinfo 2017-02-09 10:22:17 +01:00
xfrm4_state.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
xfrm4_tunnel.c