redonkable/remarkable-linux
redonkable/remarkable-linux
1
0
Fork 0
Code Releases Activity
remarkable-linux/net/ipv6/netfilter
History
Andrew Collins c65ef8dc7b netfilter: nf_nat: Also handle non-ESTABLISHED routing changes in MASQUERADE 
Since (a0ecb85 netfilter: nf_nat: Handle routing changes in MASQUERADE
target), the MASQUERADE target handles routing changes which affect
the output interface of a connection, but only for ESTABLISHED
connections.  It is also possible for NEW connections which
already have a conntrack entry to be affected by routing changes.

This adds a check to drop entries in the NEW+conntrack state
when the oif has changed.

Signed-off-by: Andrew Collins <bsderandrew@gmail.com>
Acked-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2012-12-16 23:28:30 +01:00
..
ip6_tables.c Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/jesse/openvswitch 2012-11-30 12:01:30 -05:00
ip6t_ah.c netfilter: ip6_tables: add flags parameter to ipv6_find_hdr() 2012-05-09 12:53:47 +02:00
ip6t_eui64.c
ip6t_frag.c netfilter: ip6_tables: add flags parameter to ipv6_find_hdr() 2012-05-09 12:53:47 +02:00
ip6t_hbh.c netfilter: ip6_tables: add flags parameter to ipv6_find_hdr() 2012-05-09 12:53:47 +02:00
ip6t_ipv6header.c
ip6t_MASQUERADE.c netfilter: ip6tables: add MASQUERADE target 2012-08-30 03:00:18 +02:00
ip6t_mh.c
ip6t_NPT.c netfilter: ip6tables: add stateless IPv6-to-IPv6 Network Prefix Translation target 2012-08-30 03:00:25 +02:00
ip6t_REJECT.c netfilter: ip[6]t_REJECT: fix wrong transport header pointer in TCP reset 2012-12-16 23:27:35 +01:00
ip6t_rpfilter.c ipv6: introduce ip6_rt_put() 2012-11-03 14:59:05 -04:00
ip6t_rt.c netfilter: ip6_tables: add flags parameter to ipv6_find_hdr() 2012-05-09 12:53:47 +02:00
ip6table_filter.c netfilter: PTR_RET can be used 2012-08-14 02:31:47 +02:00
ip6table_mangle.c netfilter: PTR_RET can be used 2012-08-14 02:31:47 +02:00
ip6table_nat.c netfilter: nf_nat: Also handle non-ESTABLISHED routing changes in MASQUERADE 2012-12-16 23:28:30 +01:00
ip6table_raw.c netfilter: PTR_RET can be used 2012-08-14 02:31:47 +02:00
ip6table_security.c netfilter: PTR_RET can be used 2012-08-14 02:31:47 +02:00
Kconfig netfilter: combine ipt_REDIRECT and ip6t_REDIRECT 2012-09-21 12:12:05 +02:00
Makefile netfilter: combine ipt_REDIRECT and ip6t_REDIRECT 2012-09-21 12:12:05 +02:00
nf_conntrack_l3proto_ipv6.c Merge branch 'master' of git://1984.lsi.us.es/nf-next 2012-11-16 12:42:43 -05:00
nf_conntrack_proto_icmpv6.c ipv6: use IS_ENABLED() 2012-11-01 12:41:35 -04:00
nf_conntrack_reasm.c netfilter: nf_defrag_ipv6: solve section mismatch in nf_conntrack_reasm 2012-10-28 22:44:15 +01:00
nf_defrag_ipv6_hooks.c ipv6: use IS_ENABLED() 2012-11-01 12:41:35 -04:00
nf_nat_l3proto_ipv6.c netfilter: ipv6: using csum_ipv6_magic requires net/ip6_checksum.h 2012-09-05 17:46:06 -04:00
nf_nat_proto_icmpv6.c ipv6: use IS_ENABLED() 2012-11-01 12:41:35 -04:00