q3k
/
linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
linux/net/netfilter
History
Christoph Paasch ec8d540969 netfilter: conntrack: fix dropping packet after l4proto->packet() 
We currently use the negative value in the conntrack code to encode
the packet verdict in the error. As NF_DROP is equal to 0, inverting
NF_DROP makes no sense and, as a result, no packets are ever dropped.

Signed-off-by: Christoph Paasch <christoph.paasch@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>
 		2009-03-16 15:51:29 +01:00
..
ipvs IPVS: Make "no destination available" message more consistent between schedulers 2008-12-29 18:37:36 -08:00
Kconfig netfilter: xt_NFLOG is dependant of nfnetlink_log 2008-12-10 17:24:33 -08:00
Makefile
core.c
nf_conntrack_acct.c net: '&' redux 2008-11-03 18:21:05 -08:00
nf_conntrack_amanda.c netfilter: nf_conntrack: connection tracking helper name persistent aliases 2008-11-17 16:01:42 +01:00
nf_conntrack_core.c netfilter: conntrack: fix dropping packet after l4proto->packet() 2009-03-16 15:51:29 +01:00
nf_conntrack_ecache.c netfilter: ctnetlink: deliver events for conntracks changed from userspace 2008-11-18 11:56:20 +01:00
nf_conntrack_expect.c netfilter: ctnetlink: deliver events for conntracks changed from userspace 2008-11-18 11:56:20 +01:00
nf_conntrack_extend.c
nf_conntrack_ftp.c netfilter: fix warning in net/netfilter/nf_conntrack_ftp.c 2008-11-25 18:23:03 +01:00
nf_conntrack_h323_asn1.c
nf_conntrack_h323_main.c netfilter: nf_conntrack: connection tracking helper name persistent aliases 2008-11-17 16:01:42 +01:00
nf_conntrack_h323_types.c
nf_conntrack_helper.c Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/kaber/nf-next-2.6 2008-11-28 02:19:15 -08:00
nf_conntrack_irc.c netfilter: nf_conntrack: connection tracking helper name persistent aliases 2008-11-17 16:01:42 +01:00
nf_conntrack_l3proto_generic.c
nf_conntrack_netbios_ns.c netfilter: nf_conntrack: connection tracking helper name persistent aliases 2008-11-17 16:01:42 +01:00
nf_conntrack_netlink.c netfilter: ctnetlink: fix crash during expectation creation 2009-03-16 15:50:51 +01:00
nf_conntrack_pptp.c netfilter: nf_conntrack: connection tracking helper name persistent aliases 2008-11-17 16:01:42 +01:00
nf_conntrack_proto.c netfilter: netns ct: walk netns list under RTNL 2008-11-05 03:03:18 -08:00
nf_conntrack_proto_dccp.c
nf_conntrack_proto_generic.c net: '&' redux 2008-11-03 18:21:05 -08:00
nf_conntrack_proto_gre.c netfilter: nf_conntrack_proto_gre: spread __exit 2008-11-20 10:01:37 +01:00
nf_conntrack_proto_sctp.c netfilter: nf_conntrack_proto_sctp: avoid bogus warning 2008-11-24 13:47:21 +01:00
nf_conntrack_proto_tcp.c netfilter: conntrack: fix dropping packet after l4proto->packet() 2009-03-16 15:51:29 +01:00
nf_conntrack_proto_udp.c net: '&' redux 2008-11-03 18:21:05 -08:00
nf_conntrack_proto_udplite.c net: '&' redux 2008-11-03 18:21:05 -08:00
nf_conntrack_sane.c netfilter: nf_conntrack: connection tracking helper name persistent aliases 2008-11-17 16:01:42 +01:00
nf_conntrack_sip.c netfilter: nf_conntrack: connection tracking helper name persistent aliases 2008-11-17 16:01:42 +01:00
nf_conntrack_standalone.c cpumask: prepare for iterators to only go to nr_cpu_ids/nr_cpumask_bits: net 2008-12-29 22:44:47 -08:00
nf_conntrack_tftp.c netfilter: nf_conntrack: connection tracking helper name persistent aliases 2008-11-17 16:01:42 +01:00
nf_internals.h
nf_log.c
nf_queue.c
nf_sockopt.c
nf_tproxy_core.c
nfnetlink.c
nfnetlink_log.c netfilter: nfnetlink_log: fix timeout handling 2009-02-18 15:29:49 +01:00
nfnetlink_queue.c
x_tables.c netfilter: make proc/net/ip* print names from foreign NFPROTO 2009-02-18 16:42:19 +01:00
xt_CLASSIFY.c
xt_CONNMARK.c
xt_CONNSECMARK.c
xt_DSCP.c
xt_MARK.c
xt_NFLOG.c netfilter: xt_NFLOG: don't call nf_log_packet in NFLOG module. 2008-11-04 14:21:08 +01:00
xt_NFQUEUE.c
xt_NOTRACK.c
xt_RATEEST.c
xt_SECMARK.c
xt_TCPMSS.c
xt_TCPOPTSTRIP.c
xt_TPROXY.c
xt_TRACE.c
xt_comment.c
xt_connbytes.c
xt_connlimit.c
xt_connmark.c
xt_conntrack.c
xt_dccp.c nf/dccp: merge errorpaths 2008-12-14 23:19:02 -08:00
xt_dscp.c
xt_esp.c
xt_hashlimit.c net: replace NIPQUAD() in net/netfilter/ 2008-10-31 00:54:29 -07:00
xt_helper.c
xt_iprange.c net: replace NIPQUAD() in net/netfilter/ 2008-10-31 00:54:29 -07:00
xt_length.c
xt_limit.c
xt_mac.c
xt_mark.c
xt_multiport.c
xt_owner.c CRED: Use creds in file structs 2008-11-14 10:39:25 +11:00
xt_physdev.c
xt_pkttype.c
xt_policy.c
xt_quota.c
xt_rateest.c
xt_realm.c
xt_recent.c netfilter: xt_recent: fix proc-file addition/removal of IPv4 addresses 2009-02-24 14:53:12 +01:00
xt_sctp.c netfilter: xt_sctp: sctp chunk mapping doesn't work 2009-02-09 14:34:56 -08:00
xt_socket.c tproxy: fixe a possible read from an invalid location in the socket match 2008-12-07 23:53:46 -08:00
xt_state.c
xt_statistic.c
xt_string.c
xt_tcpmss.c
xt_tcpudp.c
xt_time.c netfilter 08/09: xt_time: print timezone for user information 2009-01-12 21:18:36 -08:00
xt_u32.c