superrob1500
/
mirror-linux
mirror of https://github.com/torvalds/linux
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
mirror-linux/include
History
Pablo Neira Ayuso 368982cd7d netfilter: nfnetlink_queue: resolve clash for unconfirmed conntracks 
In nfqueue, two consecutive skbuffs may race to create the conntrack
entry. Hence, the one that loses the race gets dropped due to clash in
the insertion into the hashes from the nf_conntrack_confirm() path.

This patch adds a new nf_conntrack_update() function which searches for
possible clashes and resolve them. NAT mangling for the packet losing
race is corrected by using the conntrack information that won race.

In order to avoid direct module dependencies with conntrack and NAT, the
nf_ct_hook and nf_nat_hook structures are used for this purpose.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 		2018-05-23 09:26:08 +02:00
..
acpi
asm-generic earlycon: Use a pointer table to fix __earlycon_table stride 2018-04-23 10:06:59 +02:00
clocksource
crypto
drm
dt-bindings Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2018-05-11 20:53:22 -04:00
keys
kvm KVM: arm/arm64: vgic: Fix source vcpu issues for GICv2 SGI 2018-04-27 12:39:09 +01:00
linux netfilter: nfnetlink_queue: resolve clash for unconfirmed conntracks 2018-05-23 09:26:08 +02:00
math-emu
media MAINTAINERS & files: Canonize the e-mails I use at files 2018-05-04 06:21:06 -04:00
memory
misc
net netfilter: add struct nf_nat_hook and use it 2018-05-23 09:26:07 +02:00
pcmcia
ras
rdma
scsi
soc
sound ALSA: control: Hardening for potential Spectre v1 2018-04-25 10:37:46 +02:00
target
trace Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2018-05-11 20:53:22 -04:00
uapi netfilter: nft_hash: add map lookups for hashing operations 2018-05-17 14:00:52 +02:00
video
xen