[PATCH nf-next v3 0/4] Extract SYNPROXY infrastructure

From: Fernando Fernandez Mancera <ffmancera@riseup.net>
To: netfilter-devel@vger.kernel.org
Cc: Fernando Fernandez Mancera <ffmancera@riseup.net>
Subject: [PATCH nf-next v3 0/4] Extract SYNPROXY infrastructure
Date: Fri, 24 May 2019 19:01:02 +0200	[thread overview]
Message-ID: <20190524170106.2686-1-ffmancera@riseup.net> (raw)

The patch series have been tested by enabling iptables and ip6tables SYNPROXY.
All the modules loaded as expected.

$ lsmod | grep synproxy
Only IPv4:
nf_synproxy            20480  1 ipt_SYNPROXY
nf_synproxy_core       16384  2 ipt_SYNPROXY,nf_synproxy
nf_conntrack          159744  5 xt_conntrack,xt_state,ipt_SYNPROXY,nf_synproxy_core,nf_synproxy

Only IPv6:
nf_synproxy            20480  1 ip6t_SYNPROXY
nf_synproxy_core       16384  2 ip6t_SYNPROXY,nf_synproxy
nf_conntrack          159744  5 ip6t_SYNPROXY,xt_conntrack,xt_state,nf_synproxy_core,nf_synproxy

IPv4 and IPv6:
nf_synproxy            20480  2 ip6t_SYNPROXY,ipt_SYNPROXY
nf_synproxy_core       16384  3 ip6t_SYNPROXY,ipt_SYNPROXY,nf_synproxy
nf_conntrack          159744  6 ip6t_SYNPROXY,xt_conntrack,xt_state,ipt_SYNPROXY,nf_synproxy_core,nf_synproxy

v1: Initial patch
v2: Unify nf_synproxy_ipv4 and nf_synproxy_ipv6 into nf_synproxy
v3: Remove synproxy_cookie dependency

Fernando Fernandez Mancera (4):
  netfilter: synproxy: add common uapi for SYNPROXY infrastructure
  netfilter: synproxy: remove module dependency on IPv6 SYNPROXY
  netfilter: synproxy: extract SYNPROXY infrastructure from
    {ipt,ip6t}_SYNPROXY
  netfilter: add NF_SYNPROXY symbol

 include/linux/netfilter_ipv6.h             |  17 +
 include/net/netfilter/nf_synproxy.h        |  46 ++
 include/uapi/linux/netfilter/nf_SYNPROXY.h |  19 +
 include/uapi/linux/netfilter/xt_SYNPROXY.h |  18 +-
 net/ipv4/netfilter/Kconfig                 |   2 +-
 net/ipv4/netfilter/ipt_SYNPROXY.c          | 394 +---------
 net/ipv6/netfilter.c                       |   1 +
 net/ipv6/netfilter/Kconfig                 |   2 +-
 net/ipv6/netfilter/ip6t_SYNPROXY.c         | 420 +----------
 net/netfilter/Kconfig                      |   4 +
 net/netfilter/Makefile                     |   1 +
 net/netfilter/nf_synproxy.c                | 836 +++++++++++++++++++++
 12 files changed, 948 insertions(+), 812 deletions(-)
 create mode 100644 include/net/netfilter/nf_synproxy.h
 create mode 100644 include/uapi/linux/netfilter/nf_SYNPROXY.h
 create mode 100644 net/netfilter/nf_synproxy.c

-- 
2.20.1