q3k/linux
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
linux/net/ipv4/netfilter
History
Patrick McHardy a3a9f79e36 netfilter: tcp conntrack: fix unacknowledged data detection with NAT 
When NAT helpers change the TCP packet size, the highest seen sequence
number needs to be corrected. This is currently only done upwards, when
the packet size is reduced the sequence number is unchanged. This causes
TCP conntrack to falsely detect unacknowledged data and decrease the
timeout.

Fix by updating the highest seen sequence number in both directions after
packet mangling.

Tested-by: Krzysztof Piotr Oledzki <ole@ans.pl>
Signed-off-by: Patrick McHardy <kaber@trash.net>
2009-06-29 14:07:56 +02:00
..
arp_tables.c netfilter: xtables: remove another level of indent 2009-05-08 10:30:49 +02:00
arpt_mangle.c
arptable_filter.c netfilter: x_tables: remove unneeded initializations 2009-02-18 16:30:20 +01:00
ip_queue.c netfilter: queue: use NFPROTO_ for queue callsites 2009-05-08 10:30:46 +02:00
ip_tables.c netfilter: ip_tables: fix build error 2009-06-12 01:53:09 +02:00
ipt_addrtype.c
ipt_ah.c
ipt_CLUSTERIP.c
ipt_ECN.c
ipt_ecn.c
ipt_LOG.c netfilter: use a linked list of loggers 2009-03-16 14:54:21 +01:00
ipt_MASQUERADE.c Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2009-06-11 16:00:49 +02:00
ipt_NETMAP.c
ipt_REDIRECT.c
ipt_REJECT.c net: skb->dst accessors 2009-06-03 02:51:04 -07:00
ipt_ULOG.c netfilter: use a linked list of loggers 2009-03-16 14:54:21 +01:00
iptable_filter.c netfilter: x_tables: remove unneeded initializations 2009-02-18 16:30:20 +01:00
iptable_mangle.c netfilter: x_tables: remove unneeded initializations 2009-02-18 16:30:20 +01:00
iptable_raw.c netfilter: x_tables: remove unneeded initializations 2009-02-18 16:30:20 +01:00
iptable_security.c netfilter: x_tables: remove unneeded initializations 2009-02-18 16:30:20 +01:00
Kconfig netfilter: Kconfig spelling fixes (trivial) 2009-03-16 15:17:23 +01:00
Makefile netfilter: Combine ipt_ttl and ip6t_hl source 2009-02-18 18:39:31 +01:00
nf_conntrack_l3proto_ipv4.c netfilter: nf_conntrack: calculate per-protocol nlattr size 2009-03-25 21:53:39 +01:00
nf_conntrack_l3proto_ipv4_compat.c netfilter: nf_conntrack: use SLAB_DESTROY_BY_RCU and get rid of call_rcu() 2009-03-25 21:05:46 +01:00
nf_conntrack_proto_icmp.c netfilter: nf_ct_icmp: keep the ICMP ct entries longer 2009-06-08 15:53:43 +02:00
nf_defrag_ipv4.c
nf_nat_amanda.c
nf_nat_core.c netfilter: nf_nat: add support for persistent mappings 2009-04-16 18:33:01 +02:00
nf_nat_ftp.c
nf_nat_h323.c
nf_nat_helper.c netfilter: tcp conntrack: fix unacknowledged data detection with NAT 2009-06-29 14:07:56 +02:00
nf_nat_irc.c
nf_nat_pptp.c
nf_nat_proto_common.c
nf_nat_proto_dccp.c
nf_nat_proto_gre.c
nf_nat_proto_icmp.c
nf_nat_proto_sctp.c netfilter: Fix extra semi-colon in skb_walk_frags() changes. 2009-06-09 18:05:28 -07:00
nf_nat_proto_tcp.c
nf_nat_proto_udp.c
nf_nat_proto_udplite.c
nf_nat_proto_unknown.c
nf_nat_rule.c netfilter: x_tables: remove unneeded initializations 2009-02-18 16:30:20 +01:00
nf_nat_sip.c
nf_nat_snmp_basic.c
nf_nat_standalone.c net: skb->dst accessors 2009-06-03 02:51:04 -07:00
nf_nat_tftp.c