redonkable/alistair23-linux
redonkable/alistair23-linux
1
0
Fork 0
Code Releases Activity
alistair23-linux/net
History
Pablo Neira Ayuso c317428644 netfilter: nf_conntrack: set conntrack templates again if we return NF_REPEAT 
The TCP tracking code has a special case that allows to return
NF_REPEAT if we receive a new SYN packet while in TIME_WAIT state.

In this situation, the TCP tracking code destroys the existing
conntrack to start a new clean session.

[DESTROY] tcp      6 src=192.168.0.2 dst=192.168.1.2 sport=38925 dport=8000 src=192.168.1.2 dst=192.168.1.100 sport=8000 dport=38925 [ASSURED]
    [NEW] tcp      6 120 SYN_SENT src=192.168.0.2 dst=192.168.1.2 sport=38925 dport=8000 [UNREPLIED] src=192.168.1.2 dst=192.168.1.100 sport=8000 dport=38925

However, this is a problem for the iptables' CT target event filtering
which will not work in this case since the conntrack template will not
be there for the new session. To fix this, we reassign the conntrack
template to the packet if we return NF_REPEAT.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>
2011-02-09 08:08:20 +01:00
..
9p net/9p/protocol.c: Remove duplicated macros. 2010-12-08 09:56:28 -08:00
802 net/802: add __rcu annotations 2010-10-25 13:09:44 -07:00
8021q 8021q: vlan device is lockless do not transfer real_num_{tx|rx}_queues 2010-11-28 10:47:19 -08:00
appletalk
atm Merge branch 'for-2.6.38' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/wq 2011-01-07 16:58:04 -08:00
ax25 net: ax25: fix information leak to userland harder 2011-01-12 00:34:49 -08:00
batman-adv batman-adv: Use "__attribute__" shortcut macros 2011-01-16 03:25:19 +01:00
bluetooth Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/padovan/bluetooth-next-2.6 2011-01-04 14:25:28 -05:00
bridge net: bridge: check the length of skb after nf_bridge_maybe_copy_header() 2011-01-06 11:33:05 -08:00
caif caif: checking the wrong variable 2011-01-15 20:58:11 -08:00
can can: test size of struct sockaddr in sendmsg 2011-01-15 20:56:42 -08:00
ceph Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-12-26 22:37:05 -08:00
core net: fix can_checksum_protocol() arguments swap 2011-01-19 14:15:21 -08:00
dcb dcb: use after free in dcb_flushapp() 2011-01-06 11:16:54 -08:00
dccp dccp: make upper bound for seq_window consistent on 32/64 bit 2011-01-07 12:22:44 +01:00
decnet net: Abstract default MTU metric calculation behind an accessor. 2010-12-14 13:01:14 -08:00
dns_resolver Net: dns_resolver: Makefile: Remove deprecated kbuild goal definitions 2010-11-22 08:16:10 -08:00
dsa net/dsa: don't use flush_scheduled_work() 2010-12-24 15:59:06 +01:00
econet Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-12-17 12:27:22 -08:00
ethernet eth: fix new kernel-doc warning 2011-01-12 19:00:40 -08:00
ieee802154 net: RCU conversion of dev_getbyhwaddr() and arp_ioctl() 2010-12-08 10:07:24 -08:00
ipv4 netfilter: arpt_mangle: fix return values of checkentry 2011-02-01 16:03:46 +01:00
ipv6 ipv6: Silence privacy extensions initialization 2011-01-18 16:13:49 -08:00
ipx BKL: introduce CONFIG_BKL. 2010-10-21 15:44:13 +02:00
irda Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-12-26 22:37:05 -08:00
iucv [S390] irq: have detailed statistics for interrupt types 2011-01-05 12:47:25 +01:00
key net: return operator cleanup 2010-09-23 14:33:39 -07:00
l2tp Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-12-08 13:47:38 -08:00
lapb Net: lapb: Makefile: Remove deprecated kbuild goal definitions 2010-11-22 08:16:14 -08:00
llc net: RCU conversion of dev_getbyhwaddr() and arp_ioctl() 2010-12-08 10:07:24 -08:00
mac80211 mac80211: use maximum number of AMPDU frames as default in BA RX 2011-01-13 15:46:45 -05:00
netfilter netfilter: nf_conntrack: set conntrack templates again if we return NF_REPEAT 2011-02-09 08:08:20 +01:00
netlabel net: kill unused macros 2010-12-19 21:59:35 -08:00
netlink Revert "netlink: test for all flags of the NLM_F_DUMP composite" 2011-01-19 13:34:20 -08:00
netrom
packet net: Use skb_checksum_start_offset() 2010-12-16 14:43:14 -08:00
phonet phonet: some signedness bugs 2011-01-10 13:33:17 -08:00
rds Net: rds: Makefile: Remove deprecated items 2010-11-22 08:16:15 -08:00
rfkill rfkill: remove dead code 2010-11-15 13:24:06 -05:00
rose Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-09-27 01:03:03 -07:00
rxrpc Net: rxrpc: Makefile: Remove deprecated kbuild goal definitions 2010-11-22 08:16:15 -08:00
sched net: remove dev_txq_stats_fold() 2011-01-13 21:44:34 -08:00
sctp sctp: user perfect name for Delayed SACK Timer option 2011-01-19 16:51:29 -08:00
sunrpc Merge branch 'for-2.6.38' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/wq 2011-01-07 16:58:04 -08:00
tipc tipc: update log.h re-include protection to reflect new name 2011-01-01 14:56:18 -08:00
unix af_unix: Avoid socket->sk NULL OOPS in stream connect security hooks. 2011-01-05 15:38:53 -08:00
wanrouter Net: wanrouter: Makefile: Remove deprecated kbuild goal definitions 2010-11-22 08:16:16 -08:00
wimax
wireless cfg80211: fix transposition of words in printk 2011-01-04 14:43:01 -05:00
x25 Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-12-08 13:47:38 -08:00
xfrm Revert "netlink: test for all flags of the NLM_F_DUMP composite" 2011-01-19 13:34:20 -08:00
compat.c net: Limit socket I/O iovec total length to INT_MAX. 2010-10-28 11:47:52 -07:00
Kconfig net: Add batman-adv meshing protocol 2010-12-16 13:44:24 -08:00
Makefile net: Add batman-adv meshing protocol 2010-12-16 13:44:24 -08:00
nonet.c llseek: automatically add .llseek fop 2010-10-15 15:53:27 +02:00
socket.c Merge branch 'vfs-scale-working' of git://git.kernel.org/pub/scm/linux/kernel/git/npiggin/linux-npiggin 2011-01-07 08:56:33 -08:00
sysctl_net.c
TUNABLE