mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-10-01 22:54:01 +00:00
Code Issues Releases Wiki Activity
linux-stable/net
History
Florian Westphal d532bcd0b2 netfilter: conntrack: sanitize table size default settings 
conntrack has two distinct table size settings:
nf_conntrack_max and nf_conntrack_buckets.

The former limits how many conntrack objects are allowed to exist
in each namespace.

The second sets the size of the hashtable.

As all entries are inserted twice (once for original direction, once for
reply), there should be at least twice as many buckets in the table than
the maximum number of conntrack objects that can exist at the same time.

Change the default multiplier to 1 and increase the chosen bucket sizes.
This results in the same nf_conntrack_max settings as before but reduces
the average bucket list length.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2021-08-30 11:49:54 +02:00
..
6lowpan
9p 9p/trans_virtio: Fix spelling mistakes 2021-06-02 14:01:55 -07:00
802 net/802/garp: fix memleak in garp_request_join() 2021-07-01 11:21:57 -07:00
8021q net: vlan: pass thru all GSO_SOFTWARE in hw_enc_features 2021-06-18 11:58:03 -07:00
appletalk Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2021-06-18 19:47:02 -07:00
atm atm: Use list_for_each_entry() to simplify code in resources.c 2021-06-10 14:08:09 -07:00
ax25
batman-adv Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2021-06-18 19:47:02 -07:00
bluetooth Bluetooth: defer cleanup of resources in hci_unregister_dev() 2021-08-05 12:15:24 -07:00
bpf bpf: Add missing bpf_read_[un]lock_trace() for syscall program 2021-08-10 10:10:49 +02:00
bpfilter bpfilter: Specify the log level for the kmsg message 2021-06-25 13:13:50 +02:00
bridge net: bridge: fix memleak in br_add_if() 2021-08-10 13:25:14 -07:00
caif net: fix uninit-value in caif_seqpkt_sendmsg 2021-07-15 11:08:33 -07:00
can can: j1939: j1939_xtp_rx_dat_one(): fix rxtimer value between consecutive TP.DT to 750ms 2021-07-24 19:02:24 +02:00
ceph Networking changes for 5.14. 2021-06-30 15:51:09 -07:00
core page_pool: mask the page->signature before the checking 2021-08-09 10:03:02 +01:00
dcb net: dcb: Return the correct errno code 2021-06-01 17:01:33 -07:00
dccp dccp: add do-while-0 stubs for dccp_pr_debug macros 2021-08-09 10:00:02 +01:00
decnet net: decnet: Fix sleeping inside in af_decnet 2021-07-16 14:06:16 -07:00
dns_resolver
dsa net: switchdev: zero-initialize struct switchdev_notifier_fdb_info emitted by drivers towards the bridge 2021-08-10 13:22:57 -07:00
ethernet
ethtool net: sock: extend SO_TIMESTAMPING for PHC binding 2021-07-01 13:08:18 -07:00
hsr net: hsr: don't check sequence number if tag removal is offloaded 2021-06-16 12:13:01 -07:00
ieee802154 ieee802154: fix error return code in ieee802154_llsec_getparams() 2021-06-03 10:59:49 +02:00
ife
ipv4 net: igmp: fix data-race in igmp_ifc_timer_expire() 2021-08-10 11:56:52 +01:00
ipv6 ipv6: decrease hop limit counter in ip6_forward() 2021-07-23 16:40:41 +01:00
iucv s390: iucv: Avoid field over-reading memcpy() 2021-07-01 15:54:01 -07:00
kcm net: sock: introduce sk_error_report 2021-06-29 11:28:21 -07:00
key net: Remove unnecessary variables 2021-05-26 07:03:39 +02:00
l2tp l2tp: Fix spelling mistakes 2021-06-07 14:08:30 -07:00
l3mdev
lapb net: lapb: Use list_for_each_entry() to simplify code in lapb_iface.c 2021-06-08 16:31:25 -07:00
llc net: llc: fix skb_over_panic 2021-07-27 13:05:56 +01:00
mac80211 mac80211: fix enabling 4-address mode on a sta vif after assoc 2021-07-23 10:34:13 +02:00
mac802154
mpls mpls: Remove redundant assignment to err 2021-04-27 14:17:00 -07:00
mptcp mptcp: drop unused rcu member in mptcp_pm_addr_entry 2021-08-03 14:26:46 -07:00
ncsi net/ncsi: add dummy response handler for Intel boards 2021-07-08 14:16:39 -07:00
netfilter netfilter: conntrack: sanitize table size default settings 2021-08-30 11:49:54 +02:00
netlabel netlabel: Fix memory leak in netlbl_mgmt_add_common 2021-06-15 11:19:04 -07:00
netlink net: Use nlmsg_unicast() instead of netlink_unicast() 2021-07-13 09:28:29 -07:00
netrom netrom: Decrease sock refcount when sock timers expire 2021-07-18 09:48:59 -07:00
nfc TTY / Serial patches for 5.14-rc1 2021-07-05 14:08:24 -07:00
nsh
openvswitch net: openvswitch: fix kernel-doc warnings in flow.c 2021-08-09 15:37:35 -07:00
packet Networking changes for 5.14. 2021-06-30 15:51:09 -07:00
phonet
psample
qrtr net: really fix the build... 2021-08-03 11:14:03 +01:00
rds Networking changes for 5.14. 2021-06-30 15:51:09 -07:00
rfkill Another set of updates, all over the map: 2021-04-20 16:44:04 -07:00
rose
rxrpc Networking changes for 5.14. 2021-06-30 15:51:09 -07:00
sched net: sched: act_mirred: Reset ct info when mirror/redirect skb 2021-08-09 10:58:47 +01:00
sctp sctp: move the active_key update after sh_keys is added 2021-08-03 11:43:43 +01:00
smc net/smc: Correct smc link connection counter in case of smc client 2021-08-09 10:46:59 +01:00
strparser net: sock: introduce sk_error_report 2021-06-29 11:28:21 -07:00
sunrpc NFS client updates for Linux 5.14 2021-07-09 09:43:57 -07:00
switchdev net: switchdev: add a context void pointer to struct switchdev_notifier_info 2021-06-28 14:09:03 -07:00
tipc tipc: do not write skb_shinfo frags when doing decrytion 2021-07-24 19:38:21 +01:00
tls Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2021-06-29 15:45:27 -07:00
unix af_unix: fix garbage collect vs MSG_PEEK 2021-07-28 10:18:00 -07:00
vmw_vsock VSOCK: handle VIRTIO_VSOCK_OP_CREDIT_REQUEST 2021-08-03 14:30:59 -07:00
wireless cfg80211: Fix possible memory leak in function cfg80211_bss_update 2021-07-23 10:38:18 +02:00
x25 net: x25: Use list_for_each_entry() to simplify code in x25_route.c 2021-06-10 14:08:09 -07:00
xdp Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2021-06-29 15:45:27 -07:00
xfrm Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec 2021-08-04 10:45:41 +01:00
compat.c net: Return the correct errno code 2021-06-03 15:13:56 -07:00
devres.c net: devres: Correct a grammatical error 2021-06-11 12:55:28 -07:00
Kconfig bpf, kconfig: Add consolidated menu entry for bpf with core options 2021-05-11 13:56:16 -07:00
Makefile
socket.c net: socket: support hardware timestamp conversion to PHC bound 2021-07-01 13:08:18 -07:00
sysctl_net.c