FEX-Emu/linux
1
0
Fork 0
mirror of https://github.com/FEX-Emu/linux.git synced 2025-02-09 12:53:20 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
linux/net/netfilter
History
Florian Westphal 96120d86fe netfilter: xt_conntrack: fix inverted conntrack direction test 
--ctdir ORIGINAL matches REPLY packets, and vv:

userspace sets "invert_flags &= ~XT_CONNTRACK_DIRECTION" in ORIGINAL
case.

Thus: (CTINFO2DIR(ctinfo) == IP_CT_DIR_ORIGINAL) ^
      !!(info->invert_flags & XT_CONNTRACK_DIRECTION))

yields "1 ^ 0", which is true -> returns false.

Reproducer:
iptables -I OUTPUT 1 -p tcp --syn -m conntrack --ctdir ORIGINAL

Signed-off-by: Florian Westphal <fwestphal@astaro.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
2011-04-04 17:06:21 +02:00
..
ipset
netfilter: ipset: references are protected by rwlock instead of mutex
2011-04-04 15:19:25 +02:00
ipvs
IPVS: fix NULL ptr dereference in ip_vs_ctl.c ip_vs_genl_dump_daemons()
2011-04-04 15:25:18 +02:00
core.c
Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
2011-02-19 19:17:35 -08:00
Kconfig
netfilter: xt_addrtype: replace rt6_lookup with nf_afinfo->route
2011-04-04 17:01:43 +02:00
Makefile
netfilter: ipt_addrtype: rename to xt_addrtype
2011-03-15 20:16:20 +01:00
nf_conntrack_acct.c
nf_conntrack_amanda.c
nf_conntrack_broadcast.c
netfilter: nf_conntrack: nf_conntrack snmp helper
2011-01-18 18:12:24 +01:00
nf_conntrack_core.c
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/kaber/nf-next-2.6
2011-03-15 13:03:27 -07:00
nf_conntrack_ecache.c
netfilter: ecache: always set events bits, filter them later
2011-02-01 16:06:30 +01:00
nf_conntrack_expect.c
netfilter: nf_conntrack: use is_vmalloc_addr()
2011-01-14 15:45:56 +01:00
nf_conntrack_extend.c
nf_conntrack_ftp.c
nf_conntrack_h323_asn1.c
netfilter: h323: bug in parsing of ASN1 SEQOF field
2011-04-04 15:21:02 +02:00
nf_conntrack_h323_main.c
netfilter: af_info: add 'strict' parameter to limit lookup to .oif
2011-04-04 17:00:54 +02:00
nf_conntrack_h323_types.c
nf_conntrack_helper.c
netfilter: nf_conntrack: use is_vmalloc_addr()
2011-01-14 15:45:56 +01:00
nf_conntrack_irc.c
nf_conntrack_l3proto_generic.c
nf_conntrack_netbios_ns.c
netfilter: nf_conntrack: nf_conntrack snmp helper
2011-01-18 18:12:24 +01:00
nf_conntrack_netlink.c
Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
2011-02-04 14:28:58 -08:00
nf_conntrack_pptp.c
nf_conntrack_proto_dccp.c
nf_conntrack_proto_generic.c
nf_conntrack_proto_gre.c
nf_conntrack_proto_sctp.c
nf_conntrack_proto_tcp.c
netfilter: nf_ct_tcp: fix out of sync scenario while in SYN_RECV
2011-02-28 18:02:33 +01:00
nf_conntrack_proto_udp.c
nf_conntrack_proto_udplite.c
nf_conntrack_proto.c
nf_conntrack_sane.c
nf_conntrack_sip.c
nf_conntrack_snmp.c
netfilter: nf_conntrack: nf_conntrack snmp helper
2011-01-18 18:12:24 +01:00
nf_conntrack_standalone.c
netfilter: nf_conntrack: fix lifetime display for disabled connections
2011-01-19 19:10:49 +01:00
nf_conntrack_tftp.c
nf_conntrack_timestamp.c
netfilter: nf_conntrack_tstamp: add flow-based timestamp extension
2011-01-19 16:00:07 +01:00
nf_internals.h
nf_log.c
Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
2011-03-03 21:27:42 -08:00
nf_queue.c
netfilter: allow NFQUEUE bypass if no listener is available
2011-01-18 16:08:30 +01:00
nf_sockopt.c
nf_tproxy_core.c
netfilter: tproxy: do not assign timewait sockets to skb->sk
2011-02-17 11:32:38 +01:00
nfnetlink_log.c
netfilter: nfnetlink_log: remove unused parameter
2011-02-15 21:59:37 +01:00
nfnetlink_queue.c
netfilter: nfnetlink_queue: return error number to caller
2011-01-18 15:27:28 +01:00
nfnetlink.c
x_tables.c
netfilter: x_tables: return -ENOENT for non-existant matches/targets
2011-03-14 19:11:44 +01:00
xt_addrtype.c
netfilter: xt_addrtype: replace rt6_lookup with nf_afinfo->route
2011-04-04 17:01:43 +02:00
xt_AUDIT.c
netfilter ebtables: fix xt_AUDIT to work with ebtables
2011-03-16 18:32:13 +01:00
xt_CHECKSUM.c
xt_CLASSIFY.c
xt_cluster.c
xt_comment.c
xt_connbytes.c
xt_connlimit.c
netfilter: xt_connlimit: remove connlimit_rnd_inited
2011-03-15 13:26:32 +01:00
xt_connmark.c
xt_CONNSECMARK.c
xt_conntrack.c
netfilter: xt_conntrack: fix inverted conntrack direction test
2011-04-04 17:06:21 +02:00
xt_cpu.c
netfilter: xtables: add missing aliases for autoloading via iptables
2011-01-18 06:33:54 +01:00
xt_CT.c
xt_dccp.c
xt_devgroup.c
netfilter: xtables: add device group match
2011-02-03 00:05:43 +01:00
xt_dscp.c
xt_DSCP.c
xt_esp.c
xt_hashlimit.c
xt_helper.c
xt_hl.c
xt_HL.c
xt_IDLETIMER.c
netfilter: xtables: add missing aliases for autoloading via iptables
2011-01-18 06:33:54 +01:00
xt_iprange.c
Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
2011-02-04 14:28:58 -08:00
xt_ipvs.c
IPVS: netns, use ip_vs_proto_data as param.
2011-01-13 10:30:27 +09:00
xt_LED.c
netfilter: xtables: add missing aliases for autoloading via iptables
2011-01-18 06:33:54 +01:00
xt_length.c
xt_limit.c
xt_mac.c
xt_mark.c
xt_multiport.c
xt_NFLOG.c
xt_NFQUEUE.c
netfilter: allow NFQUEUE bypass if no listener is available
2011-01-18 16:08:30 +01:00
xt_NOTRACK.c
xt_osf.c
xt_owner.c
xt_physdev.c
xt_pkttype.c
xt_policy.c
xt_quota.c
xt_rateest.c
xt_RATEEST.c
xt_realm.c
xt_recent.c
xt_repldata.h
xt_sctp.c
xt_SECMARK.c
xt_set.c
netfilter: xtables: "set" match and "SET" target support
2011-02-01 15:56:00 +01:00
xt_socket.c
netfilter: tproxy: do not assign timewait sockets to skb->sk
2011-02-17 11:32:38 +01:00
xt_state.c
xt_statistic.c
xt_string.c
xt_tcpmss.c
xt_TCPMSS.c
netfilter: af_info: add 'strict' parameter to limit lookup to .oif
2011-04-04 17:00:54 +02:00
xt_TCPOPTSTRIP.c
xt_tcpudp.c
xt_TEE.c
ipv6: Convert to use flowi6 where applicable.
2011-03-12 15:08:54 -08:00
xt_time.c
xt_TPROXY.c
netfilter: tproxy: do not assign timewait sockets to skb->sk
2011-02-17 11:32:38 +01:00
xt_TRACE.c
xt_u32.c