ukui/kernel
0
0
Fork 0
mirror of https://github.com/ukui/kernel.git synced 2026-03-09 10:07:04 -07:00
Code Issues Packages Projects Releases Wiki Activity
1,060,515 Commits 1 Branch 0 Tags
878aed8db324bec64f3c3f956e64d5ae7375a5de
T
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Florian Westphal 878aed8db3 netfilter: nat: force port remap to prevent shadowing well-known ports 
If destination port is above 32k and source port below 16k
assume this might cause 'port shadowing' where a 'new' inbound
connection matches an existing one, e.g.

inbound X:41234 -> Y:53 matches existing conntrack entry
        Z:53 -> X:4123, where Z got natted to X.

In this case, new packet is natted to Z:53 which is likely
unwanted.

We avoid the rewrite for connections that originate from local host:
port-shadowing is only possible with forwarded connections.

Also adjust test case.

v3: no need to call tuple_force_port_remap if already in random mode (Phil)

Signed-off-by: Florian Westphal <fw@strlen.de>
Acked-by: Phil Sutter <phil@nwl.cc>
Acked-by: Eric Garver <eric@garver.life>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2021-12-23 01:07:44 +01:00
arch
ARM: dts: qcom: sdx55: fix IPA interconnect definitions
2021-12-13 12:49:26 +00:00
block
Merge https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf
2021-12-08 16:06:44 -08:00
certs
certs: Add support for using elliptic curve keys for signing modules
2021-08-23 19:55:42 +03:00
crypto
Merge tag 'zstd-for-linus-v5.16' of git://github.com/terrelln/linux
2021-11-13 15:32:30 -08:00
Documentation
ice: support immediate firmware activation via devlink reload
2021-12-15 08:40:38 -08:00
drivers
net: prestera: flower template support
2021-12-16 10:52:53 +00:00
fs
net: add netns refcount tracker to struct seq_net_private
2021-12-10 06:38:26 -08:00
include
netfilter: conntrack: tag conntracks picked up in local out hook
2021-12-23 01:07:44 +01:00
init
kbuild: Fix -Wimplicit-fallthrough=5 error for GCC 5.x and 6.x
2021-11-14 18:59:49 -08:00
ipc
shm: extend forced shm destroy to support objects from several IPC nses
2021-11-20 10:35:54 -08:00
kernel
Merge https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next
2021-12-10 15:56:13 -08:00
lib
Merge https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next
2021-12-10 15:56:13 -08:00
LICENSES
LICENSES/dual/CC-BY-4.0: Git rid of "smart quotes"
2021-07-15 06:31:24 -06:00
mm
Merge https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf
2021-12-08 16:06:44 -08:00
net
netfilter: nat: force port remap to prevent shadowing well-known ports
2021-12-23 01:07:44 +01:00
samples
Merge https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next
2021-12-10 15:56:13 -08:00
scripts
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/hid/hid
2021-11-24 09:44:13 -08:00
security
selinux: fix NULL-pointer dereference when hashtab allocation fails
2021-11-19 16:11:39 -05:00
sound
Merge tag 'sound-5.16-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound
2021-12-01 10:07:39 -08:00
tools
netfilter: nat: force port remap to prevent shadowing well-known ports
2021-12-23 01:07:44 +01:00
usr
initramfs: Check timestamp to prevent broken cpio archive
2021-10-24 13:48:40 +09:00
virt
KVM: downgrade two BUG_ONs to WARN_ON_ONCE
2021-11-26 06:43:28 -05:00
.clang-format
clang-format: Update with the latest for_each macro list
2021-05-12 23:32:39 +02:00
.cocciconfig
.get_maintainer.ignore
Opt out of scripts/get_maintainer.pl
2019-05-16 10:53:40 -07:00
.gitattributes
.gitattributes: use 'dts' diff driver for dts files
2019-12-04 19:44:11 -08:00
.gitignore
.gitignore: ignore only top-level modules.builtin
2021-05-02 00:43:35 +09:00
.mailmap
MAINTAINERS: update email address of Christian Borntraeger
2021-11-18 17:50:54 +01:00
COPYING
COPYING: state that all contributions really are covered by this file
2020-02-10 13:32:20 -08:00
CREDITS
MAINTAINERS: Move Daniel Drake to credits
2021-09-21 08:34:58 +03:00
Kbuild
kbuild: rename hostprogs-y/always to hostprogs/always-y
2020-02-04 01:53:07 +09:00
Kconfig
kbuild: ensure full rebuild when the compiler is updated
2020-05-12 13:28:33 +09:00
MAINTAINERS
Merge https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next
2021-12-10 15:56:13 -08:00
Makefile
Makefile: Do not quote value for CONFIG_CC_IMPLICIT_FALLTHROUGH
2021-12-06 16:42:47 -08:00
README

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.
Reference in New Issue View Git Blame Copy Permalink
S
Description
No description provided
Readme 2.3 GiB
Languages
C 97.7%
Assembly 1.1%
Shell 0.4%
Makefile 0.3%
Python 0.2%
Other 0.1%