summaryrefslogtreecommitdiffstats
path: root/include/linux/netfilter/nf_nat.h
Commit message (Collapse)AuthorAgeFilesLines
* iptables: snat: add randomize-full supportDaniel Borkmann2014-01-041-4/+8
| | | | | | | | | | | | | | | | This patch provides the userspace part for snat in order to make randomize-full support available in {ip,nf}tables. It allows for enabling full port randomization that was motivated in [1] and introduced to the kernel in [2]. Joint work between Hannes Frederic Sowa and Daniel Borkmann. [1] https://sites.google.com/site/hayashulman/files/NIC-derandomisation.pdf [2] http://patchwork.ozlabs.org/patch/304306/ Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org> Signed-off-by: Daniel Borkmann <dborkman@redhat.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* extensions: add IPv6 MASQUERADE extensionPatrick McHardy2012-09-101-0/+8
| | | | | Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* Convert the NAT targets to use the kernel supplied nf_nat.h headerPatrick McHardy2012-09-101-0/+25
| | | | | Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* include: resynchronize headers with 2.6.29-rc5Jan Engelhardt2009-02-211-45/+0
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* Use nf_conntrack headers instead of ip_conntrack ones and add sanitized ↵Patrick McHardy2007-04-181-0/+45
versions.