Gh0st
/
linux
mirror of https://github.com/torvalds/linux.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
linux/include/net/netfilter
History
Yi-Hung Wei 21ba8847f8 netfilter: nf_conncount: Fix garbage collection with zones 
Currently, we use check_hlist() for garbage colleciton. However, we
use the ‘zone’ from the counted entry to query the existence of
existing entries in the hlist. This could be wrong when they are in
different zones, and this patch fixes this issue.

Fixes: e59ea3df3f ("netfilter: xt_connlimit: honor conntrack zone if available")
Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 		2018-06-12 20:07:07 +02:00
..
ipv4 netfilter: add NAT support for shifted portmap ranges 2018-04-24 10:29:12 +02:00
ipv6 netfilter: add NAT support for shifted portmap ranges 2018-04-24 10:29:12 +02:00
br_netfilter.h
nf_conntrack.h
nf_conntrack_acct.h
nf_conntrack_core.h
nf_conntrack_count.h netfilter: nf_conncount: Fix garbage collection with zones 2018-06-12 20:07:07 +02:00
nf_conntrack_ecache.h
nf_conntrack_expect.h
nf_conntrack_extend.h
nf_conntrack_helper.h
nf_conntrack_l3proto.h
nf_conntrack_l4proto.h
nf_conntrack_labels.h
nf_conntrack_seqadj.h
nf_conntrack_synproxy.h
nf_conntrack_timeout.h
nf_conntrack_timestamp.h
nf_conntrack_tuple.h
nf_conntrack_zones.h
nf_dup_netdev.h
nf_flow_table.h netfilter: nf_flow_table: add a new flow state for tearing down offloading 2018-04-24 10:28:54 +02:00
nf_log.h
nf_nat.h netfilter: nf_nat: add nat hook register functions to nf_nat 2018-05-23 09:14:05 +02:00
nf_nat_core.h netfilter: add struct nf_nat_hook and use it 2018-05-23 09:26:07 +02:00
nf_nat_helper.h
nf_nat_l3proto.h netfilter: nf_nat: add nat type hooks to nat core 2018-05-23 09:14:06 +02:00
nf_nat_l4proto.h netfilter: add NAT support for shifted portmap ranges 2018-04-24 10:29:12 +02:00
nf_nat_redirect.h netfilter: add NAT support for shifted portmap ranges 2018-04-24 10:29:12 +02:00
nf_queue.h
nf_socket.h netfilter: Decrease code duplication regarding transparent socket option 2018-06-03 00:02:01 +02:00
nf_tables.h netfilter: nf_tables: handle chain name lookups via rhltable 2018-06-03 01:18:37 +02:00
nf_tables_core.h netfilter: nf_tables: fix chain dependency validation 2018-06-01 09:46:22 +02:00
nf_tables_ipv4.h
nf_tables_ipv6.h
nf_tproxy.h netfilter: Libify xt_TPROXY 2018-06-03 00:02:05 +02:00
nfnetlink_log.h
nft_fib.h
nft_masq.h
nft_redir.h
nft_reject.h
xt_rateest.h