mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-14 06:35:12 +00:00
Code Issues Releases Wiki Activity
linux-stable/include/linux/netfilter_ipv4
History
Patrick McHardy 03486a4f83 [NETFILTER]: Handle NAT module load race 
When the NAT module is loaded when connections are already confirmed
it must not change their tuples anymore. This is especially important
with CONFIG_NETFILTER_DEBUG, the netfilter listhelp functions will
refuse to remove an entry from a list when it can not be found on
the list, so when a changed tuple hashes to a new bucket the entry
is kept in the list until and after the conntrack is freed.

Allocate the exact conntrack tuple for NAT for already confirmed
connections or drop them if that fails.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-09-06 15:09:43 -07:00
..
ip_conntrack.h [NETFILTER]: Add support for permanent expectations 2005-09-06 15:06:42 -07:00
ip_conntrack_amanda.h
ip_conntrack_core.h [NETFILTER]: Fix multiple problems with the conntrack event cache 2005-08-29 15:38:54 -07:00
ip_conntrack_ftp.h
ip_conntrack_helper.h [NETFILTER]: Add ctnetlink subsystem 2005-08-29 15:31:49 -07:00
ip_conntrack_icmp.h
ip_conntrack_irc.h
ip_conntrack_protocol.h [NETFILTER]: Add ctnetlink subsystem 2005-08-29 15:31:49 -07:00
ip_conntrack_sctp.h
ip_conntrack_tcp.h
ip_conntrack_tftp.h
ip_conntrack_tuple.h
ip_nat.h
ip_nat_core.h
ip_nat_helper.h
ip_nat_protocol.h [NETFILTER]: Add ctnetlink subsystem 2005-08-29 15:31:49 -07:00
ip_nat_rule.h [NETFILTER]: Handle NAT module load race 2005-09-06 15:09:43 -07:00
ip_queue.h
ip_tables.h [NETFILTER]: Add goto target 2005-08-29 16:04:18 -07:00
ipt_addrtype.h
ipt_ah.h
ipt_CLASSIFY.h
ipt_CLUSTERIP.h
ipt_comment.h
ipt_connbytes.h [NETFILTER]: Nicer names for ipt_connbytes constants 2005-08-29 15:58:17 -07:00
ipt_CONNMARK.h
ipt_connmark.h
ipt_conntrack.h
ipt_dccp.h [NETFILTER]: New iptables DCCP protocol header match 2005-08-29 15:54:28 -07:00
ipt_DSCP.h
ipt_dscp.h
ipt_ECN.h
ipt_ecn.h
ipt_esp.h
ipt_hashlimit.h
ipt_helper.h
ipt_iprange.h
ipt_length.h
ipt_limit.h
ipt_LOG.h [NETFILTER]: Extend netfilter logging API 2005-08-29 15:38:07 -07:00
ipt_mac.h
ipt_MARK.h
ipt_mark.h
ipt_multiport.h
ipt_NFQUEUE.h [NETFILTER]: Add "nfnetlink_queue" netfilter queue handler over nfnetlink 2005-08-29 15:36:56 -07:00
ipt_owner.h
ipt_physdev.h
ipt_pkttype.h
ipt_realm.h
ipt_recent.h
ipt_REJECT.h
ipt_SAME.h
ipt_sctp.h
ipt_state.h
ipt_string.h [NETFILTER]: Add string match 2005-08-29 16:04:07 -07:00
ipt_TCPMSS.h
ipt_tcpmss.h
ipt_TOS.h
ipt_tos.h
ipt_TTL.h [NETFILTER]: Add new iptables TTL target 2005-08-29 16:13:22 -07:00
ipt_ttl.h
ipt_ULOG.h
listhelp.h