linux/netfilter at c18c821fd40ad0ffc199a55be874e556bf999416 - linux - Gitea: Git with a cup of tea

FEX-Emu/linux

mirror of https://github.com/FEX-Emu/linux.git synced 2025-01-13 12:53:27 +00:00

History

Joerg Marx fc350777c7 netfilter: nf_conntrack: fix a race in __nf_conntrack_confirm against nf_ct_get_next_corpse()

This race was triggered by a 'conntrack -F' command running in parallel
to the insertion of a hash for a new connection. Losing this race led to
a dead conntrack entry effectively blocking traffic for a particular
connection until timeout or flushing the conntrack hashes again.
Now the check for an already dying connection is done inside the lock.

Signed-off-by: Joerg Marx <joerg.marx@secunet.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>

2010-05-20 15:55:30 +02:00

..

netfilter: nf_ct_icmp: keep the ICMP ct entries longer

2009-06-08 15:53:43 +02:00

ipv6: reassembly: use seperate reassembly queues for conntrack and local delivery

2009-12-15 16:59:18 +01:00

nf_conntrack_acct.h

netfilter: netns nf_conntrack: per-netns conntrack accounting

2008-10-08 11:35:09 +02:00

nf_conntrack_core.h

netfilter: nf_conntrack: fix a race in __nf_conntrack_confirm against nf_ct_get_next_corpse()

2010-05-20 15:55:30 +02:00

nf_conntrack_ecache.h

netfilter: ctnetlink: support selective event delivery

2010-02-03 13:51:51 +01:00

nf_conntrack_expect.h

netfilter: nf_conntrack: add support for "conntrack zones"

2010-02-15 18:13:33 +01:00

nf_conntrack_extend.h

include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h

2010-03-30 22:02:32 +09:00

nf_conntrack_helper.h

netfilter: xtables: add CT target

2010-02-03 17:17:06 +01:00

nf_conntrack_l3proto.h

net: cleanup include/net

2009-11-04 05:06:25 -08:00

nf_conntrack_l4proto.h

netfilter: nf_conntrack: pass template to l4proto ->error() handler

2010-02-15 17:45:08 +01:00

nf_conntrack_tuple.h

net: cleanup include/net

2009-11-04 05:06:25 -08:00

nf_conntrack_zones.h

netfilter: nf_defrag_ipv4: fix compilation error with NF_CONNTRACK=n

2010-02-18 19:04:44 +01:00

nf_conntrack.h

netfilter: nf_conntrack: add support for "conntrack zones"

2010-02-15 18:13:33 +01:00

nf_log.h

netfilter: use a linked list of loggers

2009-03-16 14:54:21 +01:00

nf_nat_core.h

netfilter: nfnetlink: constify message attributes and headers

2009-08-25 16:07:58 +02:00

nf_nat_helper.h

netfilter: nf_nat: support mangling a single TCP packet multiple times

2010-02-11 12:27:09 +01:00

nf_nat_protocol.h

net: cleanup include/net

2009-11-04 05:06:25 -08:00

nf_nat_rule.h

[NETFILTER]: nf_nat: don't add NAT extension for confirmed conntracks

2008-04-14 11:15:51 +02:00

nf_nat.h

net: cleanup include/net

2009-11-04 05:06:25 -08:00

nf_queue.h

netfilter: Use unsigned types for hooknum and pf vars

2008-10-08 11:35:00 +02:00

nf_tproxy_core.h

netfilter: iptables tproxy core

2008-10-08 11:35:12 +02:00

nfnetlink_log.h

netfilter: nfnetlink_log: fix warning and prototype mismatch

2008-11-18 12:16:52 +01:00

xt_rateest.h

net: restore gnet_stats_basic to previous definition

2009-08-17 21:33:49 -07:00