redonkable/alistair23-linux

Author	SHA1	Message	Date
Taehee Yoo	28c5ed2f93	netfilter: nf_flow_table: remove unnecessary nat flag check code nf_flow_offload_{ip/ipv6}_hook() check nat flag then, call nf_flow_nat_{ip/ipv6} but that also check nat flag. so that nat flag check code in nf_flow_offload_{ip/ipv6}_hook() are unnecessary. Signed-off-by: Taehee Yoo <ap420073@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>	2018-09-28 14:28:38 +02:00
Jason A. Donenfeld	2a79fd3908	netfilter: nf_flow_table: attach dst to skbs Some drivers, such as vxlan and wireguard, use the skb's dst in order to determine things like PMTU. They therefore loose functionality when flow offloading is enabled. So, we ensure the skb has it before xmit'ing it in the offloading path. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>	2018-06-01 09:47:36 +02:00
Felix Fietkau	33894c367d	netfilter: nf_flow_table: add missing condition for TCP state check Avoid looking at unrelated fields in UDP packets Signed-off-by: Felix Fietkau <nbd@nbd.name> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>	2018-04-24 10:29:04 +02:00
Felix Fietkau	b6f27d322a	netfilter: nf_flow_table: tear down TCP flows if RST or FIN was seen Allow the slow path to handle the shutdown of the connection with proper timeouts. The packet containing RST/FIN is also sent to the slow path and the TCP conntrack module will update its state. Signed-off-by: Felix Fietkau <nbd@nbd.name> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>	2018-04-24 10:29:02 +02:00
Felix Fietkau	a908fdec3d	netfilter: nf_flow_table: move ipv6 offload hook code to nf_flow_table Useful as preparation for adding iptables support for offload. Signed-off-by: Felix Fietkau <nbd@nbd.name> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>	2018-04-24 10:28:18 +02:00
Felix Fietkau	3aeb51d7e7	netfilter: nf_flow_table: move ip header check out of nf_flow_exceeds_mtu Allows the function to be shared with the IPv6 hook code Signed-off-by: Felix Fietkau <nbd@nbd.name> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>	2018-04-24 10:28:15 +02:00
Felix Fietkau	7d20868717	netfilter: nf_flow_table: move ipv4 offload hook code to nf_flow_table Allows some minor code sharing with the ipv6 hook code and is also useful as preparation for adding iptables support for offload Signed-off-by: Felix Fietkau <nbd@nbd.name> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>	2018-04-24 10:27:16 +02:00

7 commits