Loading Documentation/ABI/removed/ip_queue 0 → 100644 +9 −0 Original line number Original line Diff line number Diff line What: ip_queue Date: finally removed in kernel v3.5.0 Contact: Pablo Neira Ayuso <pablo@netfilter.org> Description: ip_queue has been replaced by nfnetlink_queue which provides more advanced queueing mechanism to user-space. The ip_queue module was already announced to become obsolete years ago. Users: Documentation/networking/ip-sysctl.txt +11 −2 Original line number Original line Diff line number Diff line Loading @@ -1301,13 +1301,22 @@ bridge-nf-call-ip6tables - BOOLEAN bridge-nf-filter-vlan-tagged - BOOLEAN bridge-nf-filter-vlan-tagged - BOOLEAN 1 : pass bridged vlan-tagged ARP/IP/IPv6 traffic to {arp,ip,ip6}tables. 1 : pass bridged vlan-tagged ARP/IP/IPv6 traffic to {arp,ip,ip6}tables. 0 : disable this. 0 : disable this. Default: 1 Default: 0 bridge-nf-filter-pppoe-tagged - BOOLEAN bridge-nf-filter-pppoe-tagged - BOOLEAN 1 : pass bridged pppoe-tagged IP/IPv6 traffic to {ip,ip6}tables. 1 : pass bridged pppoe-tagged IP/IPv6 traffic to {ip,ip6}tables. 0 : disable this. 0 : disable this. Default: 1 Default: 0 bridge-nf-pass-vlan-input-dev - BOOLEAN 1: if bridge-nf-filter-vlan-tagged is enabled, try to find a vlan interface on the bridge and set the netfilter input device to the vlan. This allows use of e.g. "iptables -i br0.1" and makes the REDIRECT target work with vlan-on-top-of-bridge interfaces. When no matching vlan interface is found, or this switch is off, the input device is set to the bridge interface. 0: disable bridge netfilter vlan interface lookup. Default: 0 proc/sys/net/sctp/* Variables: proc/sys/net/sctp/* Variables: Loading include/linux/ip_vs.h +5 −0 Original line number Original line Diff line number Diff line Loading @@ -89,6 +89,7 @@ #define IP_VS_CONN_F_TEMPLATE 0x1000 /* template, not connection */ #define IP_VS_CONN_F_TEMPLATE 0x1000 /* template, not connection */ #define IP_VS_CONN_F_ONE_PACKET 0x2000 /* forward only one packet */ #define IP_VS_CONN_F_ONE_PACKET 0x2000 /* forward only one packet */ /* Initial bits allowed in backup server */ #define IP_VS_CONN_F_BACKUP_MASK (IP_VS_CONN_F_FWD_MASK | \ #define IP_VS_CONN_F_BACKUP_MASK (IP_VS_CONN_F_FWD_MASK | \ IP_VS_CONN_F_NOOUTPUT | \ IP_VS_CONN_F_NOOUTPUT | \ IP_VS_CONN_F_INACTIVE | \ IP_VS_CONN_F_INACTIVE | \ Loading @@ -97,6 +98,10 @@ IP_VS_CONN_F_TEMPLATE \ IP_VS_CONN_F_TEMPLATE \ ) ) /* Bits allowed to update in backup server */ #define IP_VS_CONN_F_BACKUP_UPD_MASK (IP_VS_CONN_F_INACTIVE | \ IP_VS_CONN_F_SEQ_MASK) /* Flags that are not sent to backup server start from bit 16 */ /* Flags that are not sent to backup server start from bit 16 */ #define IP_VS_CONN_F_NFCT (1 << 16) /* use netfilter conntrack */ #define IP_VS_CONN_F_NFCT (1 << 16) /* use netfilter conntrack */ Loading include/linux/netfilter/nf_conntrack_common.h +4 −0 Original line number Original line Diff line number Diff line Loading @@ -83,6 +83,10 @@ enum ip_conntrack_status { /* Conntrack is a fake untracked entry */ /* Conntrack is a fake untracked entry */ IPS_UNTRACKED_BIT = 12, IPS_UNTRACKED_BIT = 12, IPS_UNTRACKED = (1 << IPS_UNTRACKED_BIT), IPS_UNTRACKED = (1 << IPS_UNTRACKED_BIT), /* Conntrack got a helper explicitly attached via CT target. */ IPS_HELPER_BIT = 13, IPS_HELPER = (1 << IPS_HELPER_BIT), }; }; /* Connection tracking event types */ /* Connection tracking event types */ Loading include/linux/netfilter_ipv4/Kbuild +0 −1 Original line number Original line Diff line number Diff line header-y += ip_queue.h header-y += ip_tables.h header-y += ip_tables.h header-y += ipt_CLUSTERIP.h header-y += ipt_CLUSTERIP.h header-y += ipt_ECN.h header-y += ipt_ECN.h Loading Loading
Documentation/ABI/removed/ip_queue 0 → 100644 +9 −0 Original line number Original line Diff line number Diff line What: ip_queue Date: finally removed in kernel v3.5.0 Contact: Pablo Neira Ayuso <pablo@netfilter.org> Description: ip_queue has been replaced by nfnetlink_queue which provides more advanced queueing mechanism to user-space. The ip_queue module was already announced to become obsolete years ago. Users:
Documentation/networking/ip-sysctl.txt +11 −2 Original line number Original line Diff line number Diff line Loading @@ -1301,13 +1301,22 @@ bridge-nf-call-ip6tables - BOOLEAN bridge-nf-filter-vlan-tagged - BOOLEAN bridge-nf-filter-vlan-tagged - BOOLEAN 1 : pass bridged vlan-tagged ARP/IP/IPv6 traffic to {arp,ip,ip6}tables. 1 : pass bridged vlan-tagged ARP/IP/IPv6 traffic to {arp,ip,ip6}tables. 0 : disable this. 0 : disable this. Default: 1 Default: 0 bridge-nf-filter-pppoe-tagged - BOOLEAN bridge-nf-filter-pppoe-tagged - BOOLEAN 1 : pass bridged pppoe-tagged IP/IPv6 traffic to {ip,ip6}tables. 1 : pass bridged pppoe-tagged IP/IPv6 traffic to {ip,ip6}tables. 0 : disable this. 0 : disable this. Default: 1 Default: 0 bridge-nf-pass-vlan-input-dev - BOOLEAN 1: if bridge-nf-filter-vlan-tagged is enabled, try to find a vlan interface on the bridge and set the netfilter input device to the vlan. This allows use of e.g. "iptables -i br0.1" and makes the REDIRECT target work with vlan-on-top-of-bridge interfaces. When no matching vlan interface is found, or this switch is off, the input device is set to the bridge interface. 0: disable bridge netfilter vlan interface lookup. Default: 0 proc/sys/net/sctp/* Variables: proc/sys/net/sctp/* Variables: Loading
include/linux/ip_vs.h +5 −0 Original line number Original line Diff line number Diff line Loading @@ -89,6 +89,7 @@ #define IP_VS_CONN_F_TEMPLATE 0x1000 /* template, not connection */ #define IP_VS_CONN_F_TEMPLATE 0x1000 /* template, not connection */ #define IP_VS_CONN_F_ONE_PACKET 0x2000 /* forward only one packet */ #define IP_VS_CONN_F_ONE_PACKET 0x2000 /* forward only one packet */ /* Initial bits allowed in backup server */ #define IP_VS_CONN_F_BACKUP_MASK (IP_VS_CONN_F_FWD_MASK | \ #define IP_VS_CONN_F_BACKUP_MASK (IP_VS_CONN_F_FWD_MASK | \ IP_VS_CONN_F_NOOUTPUT | \ IP_VS_CONN_F_NOOUTPUT | \ IP_VS_CONN_F_INACTIVE | \ IP_VS_CONN_F_INACTIVE | \ Loading @@ -97,6 +98,10 @@ IP_VS_CONN_F_TEMPLATE \ IP_VS_CONN_F_TEMPLATE \ ) ) /* Bits allowed to update in backup server */ #define IP_VS_CONN_F_BACKUP_UPD_MASK (IP_VS_CONN_F_INACTIVE | \ IP_VS_CONN_F_SEQ_MASK) /* Flags that are not sent to backup server start from bit 16 */ /* Flags that are not sent to backup server start from bit 16 */ #define IP_VS_CONN_F_NFCT (1 << 16) /* use netfilter conntrack */ #define IP_VS_CONN_F_NFCT (1 << 16) /* use netfilter conntrack */ Loading
include/linux/netfilter/nf_conntrack_common.h +4 −0 Original line number Original line Diff line number Diff line Loading @@ -83,6 +83,10 @@ enum ip_conntrack_status { /* Conntrack is a fake untracked entry */ /* Conntrack is a fake untracked entry */ IPS_UNTRACKED_BIT = 12, IPS_UNTRACKED_BIT = 12, IPS_UNTRACKED = (1 << IPS_UNTRACKED_BIT), IPS_UNTRACKED = (1 << IPS_UNTRACKED_BIT), /* Conntrack got a helper explicitly attached via CT target. */ IPS_HELPER_BIT = 13, IPS_HELPER = (1 << IPS_HELPER_BIT), }; }; /* Connection tracking event types */ /* Connection tracking event types */ Loading
include/linux/netfilter_ipv4/Kbuild +0 −1 Original line number Original line Diff line number Diff line header-y += ip_queue.h header-y += ip_tables.h header-y += ip_tables.h header-y += ipt_CLUSTERIP.h header-y += ipt_CLUSTERIP.h header-y += ipt_ECN.h header-y += ipt_ECN.h Loading
