kernel_optimize_test/net
Yasuyuki Kozakai 130e7a83d7 [NETFILTER]: nf_conntrack: Don't track locally generated special ICMP error
The conntrack assigned to locally generated ICMP error is usually the one
assigned to the original packet which has caused the error. But if
the original packet is handled as invalid by nf_conntrack, no conntrack
is assigned to the original packet. Then nf_ct_attach() cannot assign
any conntrack to the ICMP error packet. In that case the current
nf_conntrack_icmp assigns appropriate conntrack to it. But the current
code mistakes the direction of the packet. As a result, NAT code mistakes
the address to be mangled.

To fix the bug, this changes nf_conntrack_icmp not to assign conntrack
to such ICMP error. Actually no address is necessary to be mangled
in this case.

Spotted by Jordan Russell.

Signed-off-by: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-14 20:45:41 -07:00
..
802 [NET]: Make all initialized struct seq_operations const. 2007-07-10 23:07:31 -07:00
8021q [VLAN]: Fix memset length 2007-07-14 18:56:30 -07:00
appletalk [NET]: Make all initialized struct seq_operations const. 2007-07-10 23:07:31 -07:00
atm [NET]: Make all initialized struct seq_operations const. 2007-07-10 23:07:31 -07:00
ax25 [NET]: Make all initialized struct seq_operations const. 2007-07-10 23:07:31 -07:00
bluetooth [Bluetooth] Add basics to better support and handle eSCO links 2007-07-11 07:35:32 +02:00
bridge Merge master.kernel.org:/pub/scm/linux/kernel/git/gregkh/driver-2.6 2007-07-12 13:40:20 -07:00
core [NET]: Add ethtool support for NETIF_F_IPV6_CSUM devices. 2007-07-14 19:07:52 -07:00
dccp [IPV6]: Do not send RH0 anymore. 2007-07-10 22:55:49 -07:00
decnet [NET]: Make all initialized struct seq_operations const. 2007-07-10 23:07:31 -07:00
econet [SK_BUFF]: Convert skb->tail to sk_buff_data_t 2007-04-25 22:26:28 -07:00
ethernet [ETH]: Validate address in eth_mac_addr 2007-07-11 19:41:18 -07:00
ieee80211 [PATCH] softmac: use list_for_each_entry 2007-07-08 22:16:37 -04:00
ipv4 [NETFILTER]: nf_conntrack: Don't track locally generated special ICMP error 2007-07-14 20:45:41 -07:00
ipv6 [NETFILTER]: nf_conntrack: Introduces nf_ct_get_tuplepr and uses it 2007-07-14 20:45:14 -07:00
ipx [NET]: Make all initialized struct seq_operations const. 2007-07-10 23:07:31 -07:00
irda [NET]: Make all initialized struct seq_operations const. 2007-07-10 23:07:31 -07:00
iucv [AF_IUCV]: Add lock when updating accept_q 2007-07-14 19:04:25 -07:00
key xfrm: Add security check before flushing SAD/SPD 2007-06-07 13:42:46 -07:00
lapb [PATCH] remove many unneeded #includes of sched.h 2007-02-14 08:09:54 -08:00
llc [NET]: Make all initialized struct seq_operations const. 2007-07-10 23:07:31 -07:00
mac80211 [PATCH] mac80211: improved 802.11g CTS protection 2007-07-12 16:07:26 -04:00
netfilter [NETFILTER]: nf_conntrack: Introduces nf_ct_get_tuplepr and uses it 2007-07-14 20:45:14 -07:00
netlabel [NetLabel]: consolidate the struct socket/sock handling to just struct sock 2007-06-08 13:33:09 -07:00
netlink [NET]: Make all initialized struct seq_operations const. 2007-07-10 23:07:31 -07:00
netrom [NET]: Make all initialized struct seq_operations const. 2007-07-10 23:07:31 -07:00
packet [NET]: Make all initialized struct seq_operations const. 2007-07-10 23:07:31 -07:00
rfkill [RFKILL]: fix net/rfkill/rfkill-input.c bug on 64-bit systems 2007-07-14 18:50:15 -07:00
rose [NET]: Make all initialized struct seq_operations const. 2007-07-10 23:07:31 -07:00
rxrpc [NET]: Make all initialized struct seq_operations const. 2007-07-10 23:07:31 -07:00
sched [NET_SCHED]: ematch: module autoloading 2007-07-11 19:46:26 -07:00
sctp [NET]: Make all initialized struct seq_operations const. 2007-07-10 23:07:31 -07:00
sunrpc Merge git://git.linux-nfs.org/pub/linux/nfs-2.6 2007-07-13 16:46:18 -07:00
tipc [TIPC]: Optimize stream send routine to avoid fragmentation 2007-07-10 22:06:12 -07:00
unix [AF_UNIX]: Rewrite garbage collector, fixes race. 2007-07-11 14:22:39 -07:00
wanrouter [NET]: Make all initialized struct seq_operations const. 2007-07-10 23:07:31 -07:00
wireless [PATCH] cfg80211: Radiotap parser 2007-07-12 16:07:24 -04:00
x25 [NET]: Make all initialized struct seq_operations const. 2007-07-10 23:07:31 -07:00
xfrm [XFRM] Introduce standalone SAD lookup 2007-07-10 22:16:35 -07:00
compat.c [NET]: Adding SO_TIMESTAMPNS / SCM_TIMESTAMPNS support 2007-04-25 22:24:21 -07:00
Kconfig [S390] Kconfig: no wireless on s390. 2007-05-10 15:46:08 +02:00
Makefile [RXRPC]: Remove Makefile reference to obsolete RXRPC config variable 2007-07-10 22:19:01 -07:00
nonet.c [PATCH] Make most file operations structs in fs/ const 2006-03-28 09:16:06 -08:00
socket.c Remove SLAB_CTOR_CONSTRUCTOR 2007-05-17 05:23:04 -07:00
sysctl_net.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
TUNABLE