linux-apfs

mirror of https://github.com/linux-apfs/linux-apfs.git synced 2026-05-01 15:00:59 -07:00

Files

T

Harald Welte 8b83bc77bf [PATCH] don't try to do any NAT on untracked connections

With the introduction of 'rustynat' in 2.6.11, the old tricks of preventing
NAT of 'untracked' connections (e.g. NOTRACK target in 'raw' table) are no
longer sufficient.

The ip_conntrack_untracked.status |= IPS_NAT_DONE_MASK effectively
prevents iteration of the 'nat' table, but doesn't prevent nat_packet()
to be executed.  Since nr_manips is gone in 'rustynat', nat_packet() now
implicitly thinks that it has to do NAT on the packet.

This patch fixes that problem by explicitly checking for
ip_conntrack_untracked in ip_nat_fn().

Signed-off-by: Harald Welte <laforge@netfilter.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>

2005-08-08 11:48:28 -07:00

arp_tables.c

[NETFILTER]: Kill lockhelp.h

2005-06-21 14:01:30 -07:00

arpt_mangle.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

arptable_filter.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ip_conntrack_amanda.c

[NETFILTER]: ip_conntrack_expect_related must not free expectation

2005-07-21 13:14:46 -07:00

ip_conntrack_core.c

[NETFILTER] Inherit masq_index to slave connections

2005-07-30 17:44:07 -07:00

ip_conntrack_ftp.c

[NETFILTER]: ip_conntrack_expect_related must not free expectation

2005-07-21 13:14:46 -07:00

ip_conntrack_irc.c

[NETFILTER]: ip_conntrack_expect_related must not free expectation

2005-07-21 13:14:46 -07:00

ip_conntrack_proto_generic.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ip_conntrack_proto_icmp.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ip_conntrack_proto_sctp.c

[NETFILTER]: Kill lockhelp.h

2005-06-21 14:01:30 -07:00

ip_conntrack_proto_tcp.c

[NETFILTER]: Kill lockhelp.h

2005-06-21 14:01:30 -07:00

ip_conntrack_proto_udp.c

[NETFILTER]: Avoid unncessary checksum validation in UDP connection tracking

2005-06-21 14:03:23 -07:00

ip_conntrack_standalone.c

[NETFILTER]: ip_conntrack_expect_related must not free expectation

2005-07-21 13:14:46 -07:00

ip_conntrack_tftp.c

[NETFILTER]: ip_conntrack_expect_related must not free expectation

2005-07-21 13:14:46 -07:00

ip_nat_amanda.c

[NETFILTER]: ip_conntrack_expect_related must not free expectation

2005-07-21 13:14:46 -07:00

ip_nat_core.c

[NETFILTER]: Kill lockhelp.h

2005-06-21 14:01:30 -07:00

ip_nat_ftp.c

[NETFILTER]: ip_conntrack_expect_related must not free expectation

2005-07-21 13:14:46 -07:00

ip_nat_helper.c

[NETFILTER]: Kill nf_debug

2005-06-21 14:01:57 -07:00

ip_nat_irc.c

[NETFILTER]: ip_conntrack_expect_related must not free expectation

2005-07-21 13:14:46 -07:00

ip_nat_proto_icmp.c

[NETFILTER]: Use correct byteorder in ICMP NAT

2005-07-22 12:51:38 -07:00

ip_nat_proto_tcp.c

[NETFILTER]: Fix potential memory corruption in NAT code (aka memory NAT)

2005-07-22 12:50:29 -07:00

ip_nat_proto_udp.c

[NETFILTER]: Fix potential memory corruption in NAT code (aka memory NAT)

2005-07-22 12:50:29 -07:00

ip_nat_proto_unknown.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ip_nat_rule.c

[NETFILTER]: Kill lockhelp.h

2005-06-21 14:01:30 -07:00

ip_nat_snmp_basic.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ip_nat_standalone.c

[PATCH] don't try to do any NAT on untracked connections

2005-08-08 11:48:28 -07:00

ip_nat_tftp.c

[NETFILTER]: ip_conntrack_expect_related must not free expectation

2005-07-21 13:14:46 -07:00

ip_queue.c

[NETFILTER]: Fix deadlock with ip_queue and tcp local input path.

2005-05-30 15:35:26 -07:00

ip_tables.c

[NETFILTER]: Kill lockhelp.h

2005-06-21 14:01:30 -07:00

ipt_addrtype.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ipt_ah.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ipt_CLASSIFY.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ipt_CLUSTERIP.c

[NETFILTER]: ipt_CLUSTERIP: fix ARP mangling

2005-06-28 12:49:30 -07:00

ipt_comment.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ipt_connmark.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ipt_CONNMARK.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ipt_conntrack.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ipt_dscp.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ipt_DSCP.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ipt_ecn.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ipt_ECN.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ipt_esp.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ipt_hashlimit.c

[NETFILTER]: Kill lockhelp.h

2005-06-21 14:01:30 -07:00

ipt_helper.c

[NETFILTER]: Kill lockhelp.h

2005-06-21 14:01:30 -07:00

ipt_iprange.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ipt_length.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ipt_limit.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ipt_LOG.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ipt_mac.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ipt_mark.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ipt_MARK.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ipt_MASQUERADE.c

[NETFILTER]: Kill lockhelp.h

2005-06-21 14:01:30 -07:00

ipt_multiport.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ipt_NETMAP.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ipt_NOTRACK.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ipt_owner.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ipt_physdev.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ipt_pkttype.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ipt_realm.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ipt_recent.c

[NETFILTER]: ipt_recent: last_pkts is an array of "unsigned long" not "u_int32_t"

2005-06-15 20:51:14 -07:00

ipt_REDIRECT.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ipt_REJECT.c

[NETFILTER]: Check TCP checksum in ipt_REJECT

2005-06-21 14:03:46 -07:00

ipt_SAME.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ipt_sctp.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ipt_state.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ipt_tcpmss.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ipt_TCPMSS.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ipt_tos.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ipt_TOS.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ipt_ttl.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

ipt_ULOG.c

[NETFILTER]: Kill lockhelp.h

2005-06-21 14:01:30 -07:00

iptable_filter.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

iptable_mangle.c

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

iptable_raw.c

[NETFILTER]: Missing owner-field initialization in iptable_raw

2005-05-03 14:23:13 -07:00

Kconfig

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00

Makefile

Linux-2.6.12-rc2

2005-04-16 15:20:36 -07:00