linux/net/ipv4
Pablo Neira Ayuso 8c88f87cb2 netfilter: nfnetlink_queue: add NAT TCP sequence adjustment if packet mangled
User-space programs that receive traffic via NFQUEUE may mangle packets.
If NAT is enabled, this usually puzzles sequence tracking, leading to
traffic disruptions.

With this patch, nfnl_queue will make the corresponding NAT TCP sequence
adjustment if:

1) The packet has been mangled,
2) the NFQA_CFG_F_CONNTRACK flag has been set, and
3) NAT is detected.

There are some records on the Internet complaining about this issue:
http://stackoverflow.com/questions/260757/packet-mangling-utilities-besides-iptables

By now, we only support TCP since we have no helpers for DCCP or SCTP.
Better to add this if we ever have some helper over those layer 4 protocols.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2012-06-16 15:09:08 +02:00
..
netfilter netfilter: nfnetlink_queue: add NAT TCP sequence adjustment if packet mangled 2012-06-16 15:09:08 +02:00
af_inet.c net: Remove casts to same type 2012-06-04 11:45:11 -04:00
ah4.c net: ipv4 and ipv6: Convert printk(KERN_DEBUG to pr_debug 2012-05-16 01:01:03 -04:00
arp.c ipv4: Add interface option to enable routing of 127.0.0.0/8 2012-06-12 15:25:46 -07:00
cipso_ipv4.c
datagram.c
devinet.c ipv4: Add interface option to enable routing of 127.0.0.0/8 2012-06-12 15:25:46 -07:00
esp4.c xfrm: take net hdr len into account for esp payload size calculation 2012-05-27 01:08:29 -04:00
fib_frontend.c
fib_lookup.h
fib_rules.c
fib_semantics.c ipv4: fix the rcu race between free_fib_info and ip_route_output_slow 2012-05-24 00:28:21 -04:00
fib_trie.c inet: Add inetpeer tree roots to the FIB tables. 2012-06-11 02:09:16 -07:00
gre.c
icmp.c ipv4: Kill ip_rt_frag_needed(). 2012-06-11 02:08:59 -07:00
igmp.c
inet_connection_sock.c tcp: do not create inetpeer on SYNACK message 2012-06-01 14:22:11 -04:00
inet_diag.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-05-07 23:35:40 -04:00
inet_fragment.c inetpeer: add parameter net for inet_getpeer_v4,v6 2012-06-08 14:27:23 -07:00
inet_hashtables.c
inet_lro.c
inet_timewait_sock.c net: ipv4 and ipv6: Convert printk(KERN_DEBUG to pr_debug 2012-05-16 01:01:03 -04:00
inetpeer.c inet: Add family scope inetpeer flushes. 2012-06-11 02:09:10 -07:00
ip_forward.c
ip_fragment.c inet: Pass inetpeer root into inet_getpeer*() interfaces. 2012-06-09 19:12:36 -07:00
ip_gre.c
ip_input.c net: Convert net_ratelimit uses to net_<level>_ratelimited 2012-05-15 13:45:03 -04:00
ip_options.c net: Convert net_ratelimit uses to net_<level>_ratelimited 2012-05-15 13:45:03 -04:00
ip_output.c net: use consume_skb() in place of kfree_skb() 2012-06-04 11:27:40 -04:00
ip_sockglue.c net: IP_MULTICAST_IF setsockopt now recognizes struct mreq 2012-05-07 23:03:22 -04:00
ipcomp.c
ipconfig.c net/ipv4/ipconfig: neaten __setup placement 2012-05-20 04:06:16 -04:00
ipip.c
ipmr.c net: Convert net_ratelimit uses to net_<level>_ratelimited 2012-05-15 13:45:03 -04:00
Kconfig net: delete all instances of special processing for token ring 2012-05-15 20:14:35 -04:00
Makefile
netfilter.c
ping.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace 2012-05-23 17:42:39 -07:00
proc.c
protocol.c
raw.c
route.c ipv4: Add interface option to enable routing of 127.0.0.0/8 2012-06-12 15:25:46 -07:00
syncookies.c
sysctl_net_ipv4.c tcp: early retransmit 2012-05-02 20:56:10 -04:00
tcp_bic.c
tcp_cong.c tcp: bool conversions 2012-05-17 14:59:59 -04:00
tcp_cubic.c
tcp_diag.c
tcp_highspeed.c
tcp_htcp.c
tcp_hybla.c tcp: bool conversions 2012-05-17 14:59:59 -04:00
tcp_illinois.c
tcp_input.c tcp: take care of overlaps in tcp_try_coalesce() 2012-05-24 00:28:21 -04:00
tcp_ipv4.c [PATCH] tcp: Cache inetpeer in timewait socket, and only when necessary. 2012-06-09 14:56:12 -07:00
tcp_lp.c
tcp_memcontrol.c memcg: decrement static keys at real destroy time 2012-05-29 16:22:28 -07:00
tcp_minisocks.c [PATCH] tcp: Cache inetpeer in timewait socket, and only when necessary. 2012-06-09 14:56:12 -07:00
tcp_output.c tcp: tcp_make_synack() consumes dst parameter 2012-06-04 11:27:39 -04:00
tcp_probe.c
tcp_scalable.c
tcp_timer.c tcp: early retransmit: delayed fast retransmit 2012-05-02 20:56:10 -04:00
tcp_vegas.c
tcp_vegas.h
tcp_veno.c
tcp_westwood.c
tcp_yeah.c
tcp.c mm: add a low limit to alloc_large_system_hash 2012-05-24 00:28:21 -04:00
tunnel4.c
udp_diag.c udp_diag: implement idiag_get_info for udp/udplite to get queue information 2012-04-25 20:43:01 -04:00
udp_impl.h
udp.c mm: add a low limit to alloc_large_system_hash 2012-05-24 00:28:21 -04:00
udplite.c
xfrm4_input.c
xfrm4_mode_beet.c
xfrm4_mode_transport.c
xfrm4_mode_tunnel.c
xfrm4_output.c
xfrm4_policy.c inet: Hide route peer accesses behind helpers. 2012-06-11 02:08:47 -07:00
xfrm4_state.c
xfrm4_tunnel.c