forge/linux-pinenote
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
linux-pinenote/include/uapi/linux
History
Harout Hedeshian 01555e74bd netfilter: xt_socket: add XT_SOCKET_RESTORESKMARK flag 
xt_socket is useful for matching sockets with IP_TRANSPARENT and
taking some action on the matching packets. However, it lacks the
ability to match only a small subset of transparent sockets.

Suppose there are 2 applications, each with its own set of transparent
sockets. The first application wants all matching packets dropped,
while the second application wants them forwarded somewhere else.

Add the ability to retore the skb->mark from the sk_mark. The mark
is only restored if a matching socket is found and the transparent /
nowildcard conditions are satisfied.

Now the 2 hypothetical applications can differentiate their sockets
based on a mark value set with SO_MARK.

iptables -t mangle -I PREROUTING -m socket --transparent \
                                           --restore-skmark -j action
iptables -t mangle -A action -m mark --mark 10 -j action2
iptables -t mangle -A action -m mark --mark 11 -j action3

Signed-off-by: Harout Hedeshian <harouth@codeaurora.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2015-06-18 13:05:09 +02:00
..
android android: uapi: binder.h 2014-10-20 10:30:15 +08:00
byteorder
caif
can can: cangw: introduce optional uid to reference created routing jobs 2015-06-09 09:39:49 +02:00
cifs
dvb
genwqe GenWQE: Update author information 2014-09-23 23:15:46 -07:00
hdlc
hsi HSI: cmt_speech: Add cmt-speech driver 2015-03-31 22:14:04 +02:00
iio iio: Export userspace IIO headers 2015-02-14 17:05:03 +00:00
isdn
mmc
netfilter netfilter: xt_socket: add XT_SOCKET_RESTORESKMARK flag 2015-06-18 13:05:09 +02:00
netfilter_arp uapi: netfilter_arp: use __u8 instead of u_int8_t 2014-08-20 15:13:08 +02:00
netfilter_bridge uapi: ebtables: don't include linux/if.h 2015-04-13 20:08:38 +02:00
netfilter_ipv4
netfilter_ipv6
nfsd nfsd: eliminate NFSD_DEBUG 2015-04-21 16:16:02 -04:00
raid Add new disk to clustered array 2015-02-23 09:59:07 -06:00
spi
sunrpc
tc_act act_bpf: add initial eBPF support for actions 2015-03-20 19:10:44 -04:00
tc_ematch
usb usb: gadget: ffs: add eventfd notification about ffs events 2015-01-27 09:34:59 -06:00
wimax
a.out.h
acct.h
adb.h
adfs_fs.h
affs_hardblocks.h
agpgart.h
aio_abi.h
am437x-vpfe.h [media] am437x: include linux/videodev2.h for expanding BASE_VIDIOC_PRIVATE 2015-04-02 18:10:35 -03:00
apm_bios.h
arcfb.h
atalk.h
atm.h
atm_eni.h
atm_he.h
atm_idt77105.h
atm_nicstar.h
atm_tcp.h
atm_zatm.h
atmapi.h
atmarp.h
atmbr2684.h
atmclip.h
atmdev.h
atmioc.h
atmlec.h
atmmpc.h
atmppp.h
atmsap.h
atmsvc.h
audit.h powerpc updates for 3.19 batch 2 2014-12-19 12:57:45 -08:00
auto_fs.h
auto_fs4.h
auxvec.h
ax25.h
b1lli.h
baycom.h
bcache.h
bcm933xx_hcs.h
bfs_fs.h
binfmts.h
blkpg.h
blktrace_api.h
bpf.h bpf: introduce current->pid, tgid, uid, gid, comm accessors 2015-06-15 15:53:50 -07:00
bpf_common.h net: filter: move common defines into bpf_common.h 2014-10-14 16:06:45 -04:00
bpqether.h
bsg.h
btrfs.h Btrfs: Remove unnecessary placeholder in btrfs_err_code 2015-02-02 19:25:51 -08:00
can.h can.h: make padding given by gcc explicit 2015-05-06 08:03:19 +02:00
capability.h
capi.h
cciss_defs.h
cciss_ioctl.h
cdrom.h
cgroupstats.h
chio.h
cm4000_cs.h
cn_proc.h
coda.h
coda_psdev.h
coff.h
connector.h
const.h
cramfs_fs.h
cuda.h
cyclades.h
cycx_cfm.h
dcbnl.h net/dcb: Add IEEE QCN attribute 2015-03-06 21:50:02 -05:00
dccp.h
dlm.h
dlm_device.h
dlm_netlink.h
dlm_plock.h
dlmconstants.h dlm: adopt orphan locks 2014-11-19 14:48:02 -06:00
dm-ioctl.h dm: add full blk-mq support to request-based DM 2015-04-15 12:10:16 -04:00
dm-log-userspace.h
dn.h
dqblk_xfs.h
edd.h
efs_fs_sb.h
elf-em.h Add ELF machine define for Nios2 2014-12-08 12:55:57 +08:00
elf-fdpic.h
elf.h arm64: ptrace: add NT_ARM_SYSTEM_CALL regset 2014-11-28 10:19:49 +00:00
elfcore.h
errno.h
errqueue.h
ethtool.h net/ethtool: Add current supported tunable options 2015-06-11 00:36:37 -07:00
eventpoll.h
fadvise.h
falloc.h fs: Add support FALLOC_FL_INSERT_RANGE for fallocate 2015-03-25 15:07:05 +11:00
fanotify.h
fb.h
fcntl.h
fd.h
fdreg.h
fib_rules.h
fiemap.h
filter.h bpf: fix bpf helpers to use skb->mac_header relative offsets 2015-04-16 14:08:49 -04:00
firewire-cdev.h
firewire-constants.h
flat.h
fou.h fou: implement FOU_CMD_GET 2015-04-12 21:25:13 -04:00
fs.h vfs: add support for a lazytime mount option 2015-02-05 02:45:00 -05:00
fsl_hypervisor.h
fuse.h
futex.h
gameport.h
gen_stats.h
genetlink.h
gfs2_ondisk.h
gigaset_dev.h
hash_info.h
hdlc.h
hdlcdrv.h
hdreg.h
hid.h
hiddev.h
hidraw.h
hpet.h
hsr_netlink.h
hw_breakpoint.h
hyperv.h Drivers: hv: util: make struct hv_do_fcopy match Hyper-V host messages 2014-11-07 10:21:44 -08:00
hysdn_if.h
i2c-dev.h
i2c.h
i2o-dev.h
i8k.h
icmp.h
icmpv6.h
if.h
if_addr.h ipv6: introduce IFA_F_STABLE_PRIVACY flag 2015-03-23 22:12:09 -04:00
if_addrlabel.h
if_alg.h crypto: af_alg - add user space interface for AEAD 2014-12-05 23:56:55 +08:00
if_arcnet.h
if_arp.h
if_bonding.h
if_bridge.h bridge: support for multiple vlans and vlan ranges in setlink and dellink requests 2015-01-12 16:47:04 -05:00
if_cablemodem.h
if_eql.h
if_ether.h net: dsa: reduce number of protocol hooks 2014-08-27 22:59:39 -07:00
if_fc.h
if_fddi.h
if_frad.h
if_hippi.h
if_infiniband.h
if_link.h net/core: Add reading VF statistics through the PF netdevice 2015-06-15 17:23:03 -07:00
if_ltalk.h
if_packet.h packet: rollover statistics 2015-05-13 15:43:00 -04:00
if_phonet.h
if_plip.h
if_ppp.h
if_pppol2tp.h
if_pppox.h
if_slip.h
if_team.h
if_tun.h if_tun: drop broken IFF_VNET_LE 2014-12-16 11:19:42 -05:00
if_tunnel.h gue: TX support for using remote checksum offload option 2014-11-05 16:30:03 -05:00
if_vlan.h
if_x25.h
igmp.h
in.h inet: add IP_BIND_ADDRESS_NO_PORT to overcome bind(0) limitations 2015-06-06 23:57:12 -07:00
in6.h in6: fix conflict with glibc 2014-12-22 16:12:36 -05:00
in_route.h
inet_diag.h sock_diag: implement a get_info handler for inet 2015-06-15 19:49:22 -07:00
inotify.h
input.h Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input 2015-04-14 18:25:15 -07:00
ioctl.h
ip.h
ip6_tunnel.h
ip_vs.h ipvs: use 64-bit rates in stats 2015-02-09 16:59:03 +09:00
ipc.h
ipmi.h
ipmi_msgdefs.h
ipsec.h
ipv6.h ipv6: introduce secret_stable to ipv6_devconf 2015-03-23 22:12:08 -04:00
ipv6_route.h ipv6: Create percpu rt6_info 2015-05-25 13:25:35 -04:00
ipx.h
irda.h
irqnr.h
isdn.h
isdn_divertif.h
isdn_ppp.h
isdnif.h
iso_fs.h
ivtv.h
ivtvfb.h
ixjuser.h
jffs2.h
joystick.h
Kbuild Some virtio internal cleanups, a new virtio device "virtio input", and 2015-04-22 10:55:06 -07:00
kcmp.h kcmp: Move kcmp.h into uapi 2014-12-02 13:52:53 -07:00
kd.h
kdev_t.h
kernel-page-flags.h mm:add KPF_ZERO_PAGE flag for /proc/kpageflags 2015-02-11 17:06:00 -08:00
kernel.h
kernelcapi.h
kexec.h kexec: Fix make headers_check 2015-02-17 14:34:51 -08:00
keyboard.h
keyctl.h
kfd_ioctl.h drm/amdkfd: reformat IOCTL definitions to drm-style 2015-01-06 19:44:36 +02:00
kvm.h KVM: PPC: Book3S HV: Add fast real-mode H_RANDOM implementation. 2015-04-21 15:21:29 +02:00
kvm_para.h
l2tp.h l2tp : multicast notification to the registered listeners 2014-12-31 14:17:20 -05:00
libc-compat.h ipv6: fix redefinition of in6_pktinfo and ip6_mtuinfo 2015-01-08 19:29:11 -08:00
limits.h
llc.h
loop.h
lp.h
magic.h tracefs: Add new tracefs file system 2015-02-03 12:48:40 -05:00
major.h
map_to_7segment.h
matroxfb.h
mdio.h
media-bus-format.h Merge branch 'drm-next-merged' of git://people.freedesktop.org/~airlied/linux into v4l_for_linus 2015-04-21 09:44:55 -03:00
media.h [media] media.h: mark alsa struct in media_entity_desc as TODO 2015-02-26 08:40:10 -03:00
mei.h
memfd.h
mempolicy.h mm: convert p[te|md]_numa users to p[te|md]_protnone_numa 2015-02-12 18:54:08 -08:00
meye.h
mic_common.h
mic_ioctl.h
mii.h
minix_fs.h
mman.h
mmtimer.h
module.h
mpls.h mpls: Change reserved label names to be consistent with netbsd 2015-05-09 22:29:50 -04:00
mqueue.h
mroute.h
mroute6.h
msdos_fs.h msdos_fs.h: fix 'fields' in comment 2015-01-20 13:51:06 +01:00
msg.h ipc/msg: increase MSGMNI, remove scaling 2014-12-13 12:42:52 -08:00
mtio.h
n_r3964.h
nbd.h
ncp.h
ncp_fs.h
ncp_mount.h
ncp_no.h
neighbour.h net: neighbour: Add mcast_resolicit to configure the number of multicast resolicitations in PROBE state. 2015-03-20 21:47:40 -04:00
net.h
net_dropmon.h
net_namespace.h netns: add rtnl cmd to add and get peer netns ids 2015-01-19 14:21:18 -05:00
net_tstamp.h net-timestamp: no-payload option 2015-02-02 18:46:51 -08:00
netconf.h
netdevice.h
netfilter.h netfilter: add netfilter ingress hook after handle_ing() under unique static key 2015-05-14 01:10:05 -04:00
netfilter_arp.h
netfilter_bridge.h
netfilter_decnet.h
netfilter_ipv4.h
netfilter_ipv6.h
netlink.h netlink: allow to listen "all" netns 2015-05-09 22:15:31 -04:00
netlink_diag.h
netrom.h
nfc.h NFC: netlink: Implement vendor command support 2015-06-09 01:21:35 +02:00
nfs.h
nfs2.h
nfs3.h
nfs4.h uapi: Remove kernel internal declaration 2015-04-21 16:16:04 -04:00
nfs4_mount.h
nfs_fs.h
nfs_idmap.h NFS: Move nfs_idmap.h into fs/nfs/ 2015-04-23 15:16:14 -04:00
nfs_mount.h
nfsacl.h
nl80211.h cfg80211: change GO_CONCURRENT to IR_CONCURRENT for STA 2015-05-06 15:50:02 +02:00
nubus.h
nvme.h NVMe: Update SCSI Inquiry VPD 83h translation 2015-02-19 16:15:35 -07:00
nvram.h
omap3isp.h
omapfb.h
oom.h
openvswitch.h openvswitch: include datapath actions with sampled-packet upcall to userspace 2015-06-01 15:05:40 -07:00
packet_diag.h
param.h
parport.h
patchkey.h
pci.h
pci_regs.h PCI: Add defines for PCIe Max_Read_Request_Size 2015-01-27 08:14:26 -06:00
perf_event.h perf: Add ITRACE_START record to indicate that tracing has started 2015-04-02 17:14:17 +02:00
personality.h
pfkeyv2.h
pg.h
phantom.h
phonet.h
pkt_cls.h net: sched: pkt_cls: remove unused macros from uapi 2015-05-21 23:26:51 -04:00
pkt_sched.h net_sched: gred: add TCA_GRED_LIMIT attribute 2015-05-12 18:22:49 -04:00
pktcdvd.h
pmu.h
poll.h
posix_types.h
ppdev.h
ppp-comp.h
ppp-ioctl.h
ppp_defs.h
pps.h
prctl.h MIPS,prctl: add PR_[GS]ET_FP_MODE prctl options for MIPS 2015-02-12 12:30:29 +01:00
psci.h
ptp_clock.h
ptrace.h
qnx4_fs.h
qnxtypes.h
quota.h vfs: Add general support to enforce project quota limits 2015-03-18 21:55:08 +01:00
radeonfb.h
random.h
raw.h
rds.h net/rds: Declare SO_RDS_TRANSPORT and RDS_TRANS_* constants in uapi/linux/rds.h 2015-05-31 21:47:23 -07:00
reboot.h
reiserfs_fs.h
reiserfs_xattr.h
resource.h
rfkill.h
romfs_fs.h
rose.h
route.h
rtc.h
rtnetlink.h rename RTNH_F_EXTERNAL to RTNH_F_OFFLOAD 2015-05-14 22:45:39 -04:00
scc.h
sched.h sched: Update comments about CLONE_NEWUTS and CLONE_NEWIPC 2014-11-16 10:58:53 +01:00
screen_info.h
sctp.h
sdla.h
seccomp.h
securebits.h
selinux_netlink.h
sem.h ipc/sem.c: increase SEMMSL, SEMMNI, SEMOPM 2014-12-13 12:42:52 -08:00
serial.h serial: uapi: Declare all userspace-visible io types 2015-03-07 03:39:55 +01:00
serial_core.h serial: driver for ETRAX FS UART 2015-02-07 18:43:16 +08:00
serial_reg.h x86, intel-mid: remove Intel MID specific serial support 2015-03-07 03:25:18 +01:00
serio.h
shm.h
signal.h
signalfd.h
smiapp.h [media] smiapp: Add driver-specific test pattern menu item definitions 2014-08-21 15:25:11 -05:00
snmp.h tcp: add TCPWinProbe and TCPKeepAlive SNMP counters 2015-05-09 16:42:32 -04:00
sock_diag.h sock_diag: define destruction multicast groups 2015-06-15 19:49:22 -07:00
socket.h
sockios.h
sonet.h
sonypi.h
sound.h
soundcard.h
stat.h
stddef.h
string.h
suspend_ioctls.h
swab.h
synclink.h
sysctl.h kernel: add panic_on_warn 2014-12-10 17:41:10 -08:00
sysinfo.h
target_core_user.h target: Version 2 of TCMU ABI 2015-04-19 22:40:26 -07:00
taskstats.h
tcp.h tcp: add tcpi_segs_in and tcpi_segs_out to tcp_info 2015-05-21 23:25:21 -04:00
tcp_metrics.h
telephony.h
termios.h
thermal.h thermal: provide an UAPI header file 2014-12-09 14:10:41 +08:00
time.h
times.h
timex.h
tiocl.h
tipc.h
tipc_config.h tipc: convert legacy nl link stat to nl compat 2015-02-09 13:20:47 -08:00
tipc_netlink.h tipc: add ip/udp media type 2015-03-05 22:08:42 -05:00
toshiba.h
tty.h NFC: nci: add generic uart support 2015-06-11 23:37:37 +02:00
tty_flags.h tty: warn on deprecated serial flags 2014-11-06 15:01:03 -08:00
types.h
udf_fs_i.h
udp.h
uhid.h HID: uhid: report to user-space whether reports are numbered 2014-08-25 03:28:08 -05:00
uinput.h Input: uinput - fix ioctl nr overflow for UI_GET_SYSNAME/VERSION 2015-01-11 16:27:25 -08:00
uio.h
ultrasound.h
un.h
unistd.h
unix_diag.h
usbdevice_fs.h USB: usbfs: allow URBs to be reaped after disconnection 2015-01-31 09:05:06 -08:00
usbip.h usbip: move usbip kernel code out of staging 2014-08-25 10:40:06 -07:00
utime.h
utsname.h
uuid.h
uvcvideo.h
v4l2-common.h [media] v4l: Add V4L2_SEL_TGT_NATIVE_SIZE selection target 2014-12-04 12:37:01 -02:00
v4l2-controls.h [media] adv7180: Add fast switch support 2015-02-02 11:51:38 -02:00
v4l2-dv-timings.h [media] videodev2.h/v4l2-dv-timings.h: add V4L2_DV_FL_IS_CE_VIDEO flag 2015-04-08 06:36:52 -03:00
v4l2-mediabus.h [media] v4l2-mediabus.h: use two __u16 instead of two __u32 2014-12-16 23:21:36 -02:00
v4l2-subdev.h [media] v4l2-subdev.h: add 'which' field for the enum structs 2015-03-23 11:44:35 -07:00
veth.h
vfio.h vfio: amba: VFIO support for AMBA devices 2015-03-16 14:08:44 -06:00
vhost.h
videodev2.h [media] videodev2.h/v4l2-dv-timings.h: add V4L2_DV_FL_IS_CE_VIDEO flag 2015-04-08 06:36:52 -03:00
virtio_9p.h
virtio_balloon.h include/uapi/linux/virtio_balloon.h: include linux/virtio_types.h 2015-06-01 15:46:54 +02:00
virtio_blk.h virtio_blk: fix comment for virtio 1.0 2015-03-10 11:48:29 +10:30
virtio_config.h virtio: Don't expose legacy config features when VIRTIO_CONFIG_NO_LEGACY defined. 2015-02-11 15:03:16 +10:30
virtio_console.h virtio_console: virtio 1.0 support 2014-12-09 12:06:32 +02:00
virtio_ids.h Add virtio-input driver. 2015-03-29 12:13:52 +10:30
virtio_input.h Add virtio-input driver. 2015-03-29 12:13:52 +10:30
virtio_net.h virtio_net: unconditionally define struct virtio_net_hdr_v1. 2015-02-17 16:19:27 +10:30
virtio_pci.h virtio: define VIRTIO_PCI_CAP_PCI_CFG in header. 2015-02-11 15:03:15 +10:30
virtio_ring.h virtio: fix typo in vring_need_event() doc comment 2015-05-01 20:46:32 -07:00
virtio_rng.h
virtio_scsi.h uapi/virtio_scsi: allow overriding CDB/SENSE size 2015-03-13 15:55:43 +10:30
virtio_types.h virtio: memory access APIs 2014-12-09 12:05:24 +02:00
vm_sockets.h
vsp1.h
vt.h vt: Remove vt_get_kmsg_redirect() from uapi header 2014-11-05 20:18:30 -08:00
wait.h
wanrouter.h
watchdog.h
wil6210_uapi.h wil6210: atomic I/O for the card memory 2014-10-02 14:23:14 -04:00
wimax.h
wireless.h
x25.h
xattr.h xattr: fix check for simultaneous glibc header inclusion 2014-08-29 16:28:16 -07:00
xfrm.h xfrm: simplify xfrm_address_t use 2015-03-31 13:58:35 -04:00
xilinx-v4l2-controls.h [media] v4l: xilinx: Add Test Pattern Generator driver 2015-04-03 01:04:18 -03:00
zorro.h
zorro_ids.h