linux/net/ipv4/netfilter at beb93b17f27dee8a85db7bf0d882b59cdff4b2a0 - linux - ProxGit

armbian/linux

mirror of https://github.com/armbian/linux.git synced 2026-01-06 10:13:00 -08:00

Files

History

Ulrich Weber 328325bf4f netfilter: nf_nat: don't check for port change on ICMP tuples

commit 38fe36a248 upstream.

ICMP tuples have id in src and type/code in dst.
So comparing src.u.all with dst.u.all will always fail here
and ip_xfrm_me_harder() is called for every ICMP packet,
even if there was no NAT.

Signed-off-by: Ulrich Weber <ulrich.weber@sophos.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

2012-11-26 11:34:54 -08:00

..

arp_tables.c

Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/kaber/nf-next-2.6

2011-04-19 11:24:06 -07:00

arpt_mangle.c

netfilter: arpt_mangle: fix return values of checkentry

2011-02-01 16:03:46 +01:00

arptable_filter.c

include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h

2010-03-30 22:02:32 +09:00

ip_queue.c

netfilter: fix looped (broad|multi)cast's MAC handling

2011-06-16 17:27:04 +02:00

ip_tables.c

netfilter: ip_tables: fix compile with debug

2011-06-16 17:16:37 +02:00

ipt_ah.c

netfilter: xtables: change hotdrop pointer to direct modification

2010-05-11 18:35:27 +02:00

ipt_CLUSTERIP.c

netfilter: add more values to enum ip_conntrack_info

2011-06-06 01:35:10 +02:00

ipt_ecn.c

netfilter: ipt_ecn: fix inversion for IP header ECN match

2011-06-16 17:24:55 +02:00

ipt_ECN.c

netfilter: xtables: substitute temporary defines by final name

2010-05-11 18:31:17 +02:00

ipt_LOG.c

netfilter: xt_LOG: do print MAC header on FORWARD

2010-11-15 11:23:06 +01:00

ipt_MASQUERADE.c

netfilter: add more values to enum ip_conntrack_info

2011-06-06 01:35:10 +02:00

ipt_NETMAP.c

netfilter: nf_nat: support user-specified SNAT rules in LOCAL_IN

2010-06-17 06:12:26 +02:00

ipt_REDIRECT.c

netfilter: xtables: substitute temporary defines by final name

2010-05-11 18:31:17 +02:00

ipt_REJECT.c

netfilter: Fix ip_route_me_harder triggering ip_rt_bug

2011-06-29 05:47:32 -07:00

ipt_ULOG.c

netfilter: xtables: substitute temporary defines by final name

2010-05-11 18:31:17 +02:00

iptable_filter.c

netfilter: cleanup printk messages

2010-05-13 15:02:08 +02:00

iptable_mangle.c

netfilter: do not omit re-route check on NF_QUEUE verdict

2011-01-20 10:23:26 +01:00

iptable_raw.c

include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h

2010-03-30 22:02:32 +09:00

iptable_security.c

include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h

2010-03-30 22:02:32 +09:00

Kconfig

netfilter: ipt_addrtype: rename to xt_addrtype

2011-03-15 20:16:20 +01:00

Makefile

netfilter: ipt_addrtype: rename to xt_addrtype

2011-03-15 20:16:20 +01:00

nf_conntrack_l3proto_ipv4_compat.c

Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 into HEAD

2011-01-13 10:29:21 +09:00

nf_conntrack_l3proto_ipv4.c

netfilter: nf_ct_ipv4: packets with wrong ihl are invalid

2012-10-21 09:17:11 -07:00

nf_conntrack_proto_icmp.c

netfilter: nf_conntrack: fix ct refcount leak in l4proto->error()

2011-06-06 01:37:02 +02:00

nf_defrag_ipv4.c

netfilter: nf_conntrack_defrag: check socket type before touching nodefrag flag

2010-09-22 13:13:34 -07:00

nf_nat_amanda.c

netfilter: nf_nat_amanda: rename a variable

2010-11-15 18:45:12 +01:00

nf_nat_core.c

netfilter: add more values to enum ip_conntrack_info

2011-06-06 01:35:10 +02:00

nf_nat_ftp.c

netfilter: nf_nat: better error handling of nf_ct_expect_related() in helpers

2010-09-22 08:34:12 +02:00

nf_nat_h323.c

netfilter: nf_nat: better error handling of nf_ct_expect_related() in helpers

2010-09-22 08:34:12 +02:00

nf_nat_helper.c

netfilter: nf_nat: fix crash in nf_nat_csum

2011-06-06 01:36:46 +02:00

nf_nat_irc.c

netfilter: nf_nat: better error handling of nf_ct_expect_related() in helpers

2010-09-22 08:34:12 +02:00

nf_nat_pptp.c

netfilter: nf_conntrack: add support for "conntrack zones"

2010-02-15 18:13:33 +01:00

nf_nat_proto_common.c

net: Compute protocol sequence numbers and fragment IDs using MD5.

2011-08-15 18:31:35 -07:00

nf_nat_proto_dccp.c

netfilter: nf_nat: make unique_tuple return void

2010-08-02 17:20:54 +02:00

nf_nat_proto_gre.c

netfilter: nf_nat: don't check if the tuple is unique when there isn't any other choice

2010-08-02 17:35:49 +02:00

nf_nat_proto_icmp.c

netfilter: nf_nat: don't check if the tuple is unique when there isn't any other choice

2010-08-02 17:35:49 +02:00

nf_nat_proto_sctp.c

netfilter: nf_nat: make unique_tuple return void

2010-08-02 17:20:54 +02:00

nf_nat_proto_tcp.c

netfilter: nf_nat: make unique_tuple return void

2010-08-02 17:20:54 +02:00

nf_nat_proto_udp.c

netfilter: nf_nat: make unique_tuple return void

2010-08-02 17:20:54 +02:00

nf_nat_proto_udplite.c

netfilter: nf_nat: make unique_tuple return void

2010-08-02 17:20:54 +02:00

nf_nat_proto_unknown.c

netfilter: nf_nat: make unique_tuple return void

2010-08-02 17:20:54 +02:00

nf_nat_rule.c

netfilter: add more values to enum ip_conntrack_info

2011-06-06 01:35:10 +02:00

nf_nat_sip.c

netfilter: nf_nat_sip: fix via header translation with multiple parameters

2012-10-21 09:17:11 -07:00

nf_nat_snmp_basic.c

netfilter: nf_conntrack: nf_conntrack snmp helper

2011-01-18 18:12:24 +01:00

nf_nat_standalone.c

netfilter: nf_nat: don't check for port change on ICMP tuples

2012-11-26 11:34:54 -08:00

nf_nat_tftp.c

netfilter: fix some coding styles and remove moduleparam.h

2010-04-13 11:25:41 +02:00