q3k
/
linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
linux/include/net/netfilter
History
Julian Anastasov 42c1edd345 netfilter: nf_nat: avoid double seq_adjust for loopback 
Avoid double seq adjustment for loopback traffic
because it causes silent repetition of TCP data. One
example is passive FTP with DNAT rule and difference in the
length of IP addresses.

	This patch adds check if packet is sent and
received via loopback device. As the same conntrack is
used both for outgoing and incoming direction, we restrict
seq adjustment to happen only in POSTROUTING.

Signed-off-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Patrick McHardy <kaber@trash.net>
 		2011-06-16 17:29:22 +02:00
..
ipv4 netfilter: nf_ct_icmp: keep the ICMP ct entries longer 2009-06-08 15:53:43 +02:00
ipv6 netfilter: fix compilation when conntrack is disabled but tproxy is enabled 2011-01-12 20:25:08 +01:00
nf_conntrack.h netfilter: nf_nat: avoid double seq_adjust for loopback 2011-06-16 17:29:22 +02:00
nf_conntrack_acct.h netfilter: xt_connbytes: Force CT accounting to be enabled 2010-06-25 14:44:07 +02:00
nf_conntrack_core.h netfilter: nf_conntrack: IPS_UNTRACKED bit 2010-06-08 16:09:52 +02:00
nf_conntrack_ecache.h Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2011-02-04 14:28:58 -08:00
nf_conntrack_expect.h netfilter: ctnetlink: add expectation deletion events 2010-10-19 10:19:06 +02:00
nf_conntrack_extend.h netfilter: nf_conntrack_tstamp: add flow-based timestamp extension 2011-01-19 16:00:07 +01:00
nf_conntrack_helper.h netfilter: nf_conntrack: nf_conntrack snmp helper 2011-01-18 18:12:24 +01:00
nf_conntrack_l3proto.h netfilter: add __rcu annotations 2010-11-15 18:17:21 +01:00
nf_conntrack_l4proto.h netfilter: nf_conntrack: pass template to l4proto ->error() handler 2010-02-15 17:45:08 +01:00
nf_conntrack_timestamp.h netfilter: nf_conntrack: fix linker error with NF_CONNTRACK_TIMESTAMP=n 2011-01-20 20:46:52 +01:00
nf_conntrack_tuple.h net: Remove __KERNEL__ cpp checks from include/net 2011-04-24 10:54:56 -07:00
nf_conntrack_zones.h netfilter: nf_defrag_ipv4: fix compilation error with NF_CONNTRACK=n 2010-02-18 19:04:44 +01:00
nf_log.h netfilter: use a linked list of loggers 2009-03-16 14:54:21 +01:00
nf_nat.h net: Remove __KERNEL__ cpp checks from include/net 2011-04-24 10:54:56 -07:00
nf_nat_core.h netfilter: nf_nat: fix conversion to non-atomic bit ops 2011-01-18 15:02:48 +01:00
nf_nat_helper.h netfilter: nf_nat: support mangling a single TCP packet multiple times 2010-02-11 12:27:09 +01:00
nf_nat_protocol.h netfilter: nf_nat: make find/put static 2010-10-04 20:53:18 +02:00
nf_nat_rule.h netfilter: nf_nat: support user-specified SNAT rules in LOCAL_IN 2010-06-17 06:12:26 +02:00
nf_queue.h netfilter: Use unsigned types for hooknum and pf vars 2008-10-08 11:35:00 +02:00
nf_tproxy_core.h netfilter: tproxy: do not assign timewait sockets to skb->sk 2011-02-17 11:32:38 +01:00
nfnetlink_log.h nfnetlink_log: do not expose NFULNL_COPY_DISABLED to user-space 2010-07-15 11:27:41 +02:00
xt_log.h netfilter: add missing xt_log.h file 2010-10-04 23:24:21 +02:00
xt_rateest.h Merge branch 'master' of /repos/git/net-next-2.6 2010-06-15 17:31:06 +02:00