diff options
| author | Linus Torvalds <torvalds@woody.linux-foundation.org> | 2007-03-06 22:53:34 -0500 |
|---|---|---|
| committer | Linus Torvalds <torvalds@woody.linux-foundation.org> | 2007-03-06 22:53:34 -0500 |
| commit | 5b3c1184e78dd7d74eced83b25af88cf1d13e686 (patch) | |
| tree | 2a172026fc3492a9cdd66bca1e57d019eb78bf28 /net/ipv4 | |
| parent | fe1b4ba400193176213f95be3ea711a53518a609 (diff) | |
| parent | 99c72ce091ec85868a0847e598eb7562dc0d8205 (diff) | |
Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
* master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6:
[DCCP]: Set RTO for newly created child socket
[DCCP]: Correctly split CCID half connections
[NET]: Fix compat_sock_common_getsockopt typo.
[NET]: Revert incorrect accept queue backlog changes.
[INET]: twcal_jiffie should be unsigned long, not int
[GIANFAR]: Fix compile error in latest git
[PPPOE]: Use ifindex instead of device pointer in key lookups.
[NETFILTER]: ip6_route_me_harder should take into account mark
[NETFILTER]: nfnetlink_log: fix reference counting
[NETFILTER]: nfnetlink_log: fix module reference counting
[NETFILTER]: nfnetlink_log: fix possible NULL pointer dereference
[NETFILTER]: nfnetlink_log: fix NULL pointer dereference
[NETFILTER]: nfnetlink_log: fix use after free
[NETFILTER]: nfnetlink_log: fix reference leak
[NETFILTER]: tcp conntrack: accept SYN|URG as valid
[NETFILTER]: nf_conntrack/nf_nat: fix incorrect config ifdefs
[NETFILTER]: conntrack: fix {nf,ip}_ct_iterate_cleanup endless loops
Diffstat (limited to 'net/ipv4')
| -rw-r--r-- | net/ipv4/netfilter/ip_conntrack_core.c | 2 | ||||
| -rw-r--r-- | net/ipv4/netfilter/ip_conntrack_proto_tcp.c | 4 | ||||
| -rw-r--r-- | net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c | 6 | ||||
| -rw-r--r-- | net/ipv4/netfilter/nf_conntrack_proto_icmp.c | 6 | ||||
| -rw-r--r-- | net/ipv4/netfilter/nf_nat_core.c | 3 | ||||
| -rw-r--r-- | net/ipv4/netfilter/nf_nat_proto_gre.c | 3 | ||||
| -rw-r--r-- | net/ipv4/netfilter/nf_nat_proto_icmp.c | 3 | ||||
| -rw-r--r-- | net/ipv4/netfilter/nf_nat_proto_tcp.c | 3 | ||||
| -rw-r--r-- | net/ipv4/netfilter/nf_nat_proto_udp.c | 3 |
9 files changed, 13 insertions, 20 deletions
diff --git a/net/ipv4/netfilter/ip_conntrack_core.c b/net/ipv4/netfilter/ip_conntrack_core.c index 07ba1dd136b5..23b99ae2cc37 100644 --- a/net/ipv4/netfilter/ip_conntrack_core.c +++ b/net/ipv4/netfilter/ip_conntrack_core.c | |||
| @@ -1254,7 +1254,7 @@ get_next_corpse(int (*iter)(struct ip_conntrack *i, void *data), | |||
| 1254 | list_for_each_entry(h, &unconfirmed, list) { | 1254 | list_for_each_entry(h, &unconfirmed, list) { |
| 1255 | ct = tuplehash_to_ctrack(h); | 1255 | ct = tuplehash_to_ctrack(h); |
| 1256 | if (iter(ct, data)) | 1256 | if (iter(ct, data)) |
| 1257 | goto found; | 1257 | set_bit(IPS_DYING_BIT, &ct->status); |
| 1258 | } | 1258 | } |
| 1259 | write_unlock_bh(&ip_conntrack_lock); | 1259 | write_unlock_bh(&ip_conntrack_lock); |
| 1260 | return NULL; | 1260 | return NULL; |
diff --git a/net/ipv4/netfilter/ip_conntrack_proto_tcp.c b/net/ipv4/netfilter/ip_conntrack_proto_tcp.c index 170d625fad67..0a72eab14620 100644 --- a/net/ipv4/netfilter/ip_conntrack_proto_tcp.c +++ b/net/ipv4/netfilter/ip_conntrack_proto_tcp.c | |||
| @@ -812,8 +812,10 @@ void ip_conntrack_tcp_update(struct sk_buff *skb, | |||
| 812 | static const u8 tcp_valid_flags[(TH_FIN|TH_SYN|TH_RST|TH_PUSH|TH_ACK|TH_URG) + 1] = | 812 | static const u8 tcp_valid_flags[(TH_FIN|TH_SYN|TH_RST|TH_PUSH|TH_ACK|TH_URG) + 1] = |
| 813 | { | 813 | { |
| 814 | [TH_SYN] = 1, | 814 | [TH_SYN] = 1, |
| 815 | [TH_SYN|TH_ACK] = 1, | ||
| 816 | [TH_SYN|TH_PUSH] = 1, | 815 | [TH_SYN|TH_PUSH] = 1, |
| 816 | [TH_SYN|TH_URG] = 1, | ||
| 817 | [TH_SYN|TH_PUSH|TH_URG] = 1, | ||
| 818 | [TH_SYN|TH_ACK] = 1, | ||
| 817 | [TH_SYN|TH_ACK|TH_PUSH] = 1, | 819 | [TH_SYN|TH_ACK|TH_PUSH] = 1, |
| 818 | [TH_RST] = 1, | 820 | [TH_RST] = 1, |
| 819 | [TH_RST|TH_ACK] = 1, | 821 | [TH_RST|TH_ACK] = 1, |
diff --git a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c index b984db771258..8f3e92d20df8 100644 --- a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c +++ b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c | |||
| @@ -379,8 +379,7 @@ getorigdst(struct sock *sk, int optval, void __user *user, int *len) | |||
| 379 | return -ENOENT; | 379 | return -ENOENT; |
| 380 | } | 380 | } |
| 381 | 381 | ||
| 382 | #if defined(CONFIG_NF_CT_NETLINK) || \ | 382 | #if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE) |
| 383 | defined(CONFIG_NF_CT_NETLINK_MODULE) | ||
| 384 | 383 | ||
| 385 | #include <linux/netfilter/nfnetlink.h> | 384 | #include <linux/netfilter/nfnetlink.h> |
| 386 | #include <linux/netfilter/nfnetlink_conntrack.h> | 385 | #include <linux/netfilter/nfnetlink_conntrack.h> |
| @@ -435,8 +434,7 @@ struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv4 = { | |||
| 435 | .print_conntrack = ipv4_print_conntrack, | 434 | .print_conntrack = ipv4_print_conntrack, |
| 436 | .prepare = ipv4_prepare, | 435 | .prepare = ipv4_prepare, |
| 437 | .get_features = ipv4_get_features, | 436 | .get_features = ipv4_get_features, |
| 438 | #if defined(CONFIG_NF_CT_NETLINK) || \ | 437 | #if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE) |
| 439 | defined(CONFIG_NF_CT_NETLINK_MODULE) | ||
| 440 | .tuple_to_nfattr = ipv4_tuple_to_nfattr, | 438 | .tuple_to_nfattr = ipv4_tuple_to_nfattr, |
| 441 | .nfattr_to_tuple = ipv4_nfattr_to_tuple, | 439 | .nfattr_to_tuple = ipv4_nfattr_to_tuple, |
| 442 | #endif | 440 | #endif |
diff --git a/net/ipv4/netfilter/nf_conntrack_proto_icmp.c b/net/ipv4/netfilter/nf_conntrack_proto_icmp.c index 88cfa6aacfc1..5fd1e5363c1a 100644 --- a/net/ipv4/netfilter/nf_conntrack_proto_icmp.c +++ b/net/ipv4/netfilter/nf_conntrack_proto_icmp.c | |||
| @@ -268,8 +268,7 @@ icmp_error(struct sk_buff *skb, unsigned int dataoff, | |||
| 268 | return icmp_error_message(skb, ctinfo, hooknum); | 268 | return icmp_error_message(skb, ctinfo, hooknum); |
| 269 | } | 269 | } |
| 270 | 270 | ||
| 271 | #if defined(CONFIG_NF_CT_NETLINK) || \ | 271 | #if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE) |
| 272 | defined(CONFIG_NF_CT_NETLINK_MODULE) | ||
| 273 | 272 | ||
| 274 | #include <linux/netfilter/nfnetlink.h> | 273 | #include <linux/netfilter/nfnetlink.h> |
| 275 | #include <linux/netfilter/nfnetlink_conntrack.h> | 274 | #include <linux/netfilter/nfnetlink_conntrack.h> |
| @@ -368,8 +367,7 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_icmp = | |||
| 368 | .error = icmp_error, | 367 | .error = icmp_error, |
| 369 | .destroy = NULL, | 368 | .destroy = NULL, |
| 370 | .me = NULL, | 369 | .me = NULL, |
| 371 | #if defined(CONFIG_NF_CT_NETLINK) || \ | 370 | #if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE) |
| 372 | defined(CONFIG_NF_CT_NETLINK_MODULE) | ||
| 373 | .tuple_to_nfattr = icmp_tuple_to_nfattr, | 371 | .tuple_to_nfattr = icmp_tuple_to_nfattr, |
| 374 | .nfattr_to_tuple = icmp_nfattr_to_tuple, | 372 | .nfattr_to_tuple = icmp_nfattr_to_tuple, |
| 375 | #endif | 373 | #endif |
diff --git a/net/ipv4/netfilter/nf_nat_core.c b/net/ipv4/netfilter/nf_nat_core.c index 2c01378d3592..452e9d326684 100644 --- a/net/ipv4/netfilter/nf_nat_core.c +++ b/net/ipv4/netfilter/nf_nat_core.c | |||
| @@ -546,8 +546,7 @@ void nf_nat_protocol_unregister(struct nf_nat_protocol *proto) | |||
| 546 | } | 546 | } |
| 547 | EXPORT_SYMBOL(nf_nat_protocol_unregister); | 547 | EXPORT_SYMBOL(nf_nat_protocol_unregister); |
| 548 | 548 | ||
| 549 | #if defined(CONFIG_IP_NF_CONNTRACK_NETLINK) || \ | 549 | #if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE) |
| 550 | defined(CONFIG_IP_NF_CONNTRACK_NETLINK_MODULE) | ||
| 551 | int | 550 | int |
| 552 | nf_nat_port_range_to_nfattr(struct sk_buff *skb, | 551 | nf_nat_port_range_to_nfattr(struct sk_buff *skb, |
| 553 | const struct nf_nat_range *range) | 552 | const struct nf_nat_range *range) |
diff --git a/net/ipv4/netfilter/nf_nat_proto_gre.c b/net/ipv4/netfilter/nf_nat_proto_gre.c index d3de579e09d2..e5a34c17d927 100644 --- a/net/ipv4/netfilter/nf_nat_proto_gre.c +++ b/net/ipv4/netfilter/nf_nat_proto_gre.c | |||
| @@ -152,8 +152,7 @@ static struct nf_nat_protocol gre __read_mostly = { | |||
| 152 | .manip_pkt = gre_manip_pkt, | 152 | .manip_pkt = gre_manip_pkt, |
| 153 | .in_range = gre_in_range, | 153 | .in_range = gre_in_range, |
| 154 | .unique_tuple = gre_unique_tuple, | 154 | .unique_tuple = gre_unique_tuple, |
| 155 | #if defined(CONFIG_IP_NF_CONNTRACK_NETLINK) || \ | 155 | #if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE) |
| 156 | defined(CONFIG_IP_NF_CONNTRACK_NETLINK_MODULE) | ||
| 157 | .range_to_nfattr = nf_nat_port_range_to_nfattr, | 156 | .range_to_nfattr = nf_nat_port_range_to_nfattr, |
| 158 | .nfattr_to_range = nf_nat_port_nfattr_to_range, | 157 | .nfattr_to_range = nf_nat_port_nfattr_to_range, |
| 159 | #endif | 158 | #endif |
diff --git a/net/ipv4/netfilter/nf_nat_proto_icmp.c b/net/ipv4/netfilter/nf_nat_proto_icmp.c index 6bc2f06de055..f71ef9b5f428 100644 --- a/net/ipv4/netfilter/nf_nat_proto_icmp.c +++ b/net/ipv4/netfilter/nf_nat_proto_icmp.c | |||
| @@ -78,8 +78,7 @@ struct nf_nat_protocol nf_nat_protocol_icmp = { | |||
| 78 | .manip_pkt = icmp_manip_pkt, | 78 | .manip_pkt = icmp_manip_pkt, |
| 79 | .in_range = icmp_in_range, | 79 | .in_range = icmp_in_range, |
| 80 | .unique_tuple = icmp_unique_tuple, | 80 | .unique_tuple = icmp_unique_tuple, |
| 81 | #if defined(CONFIG_IP_NF_CONNTRACK_NETLINK) || \ | 81 | #if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE) |
| 82 | defined(CONFIG_IP_NF_CONNTRACK_NETLINK_MODULE) | ||
| 83 | .range_to_nfattr = nf_nat_port_range_to_nfattr, | 82 | .range_to_nfattr = nf_nat_port_range_to_nfattr, |
| 84 | .nfattr_to_range = nf_nat_port_nfattr_to_range, | 83 | .nfattr_to_range = nf_nat_port_nfattr_to_range, |
| 85 | #endif | 84 | #endif |
diff --git a/net/ipv4/netfilter/nf_nat_proto_tcp.c b/net/ipv4/netfilter/nf_nat_proto_tcp.c index 439164c7a626..123c95913f28 100644 --- a/net/ipv4/netfilter/nf_nat_proto_tcp.c +++ b/net/ipv4/netfilter/nf_nat_proto_tcp.c | |||
| @@ -144,8 +144,7 @@ struct nf_nat_protocol nf_nat_protocol_tcp = { | |||
| 144 | .manip_pkt = tcp_manip_pkt, | 144 | .manip_pkt = tcp_manip_pkt, |
| 145 | .in_range = tcp_in_range, | 145 | .in_range = tcp_in_range, |
| 146 | .unique_tuple = tcp_unique_tuple, | 146 | .unique_tuple = tcp_unique_tuple, |
| 147 | #if defined(CONFIG_IP_NF_CONNTRACK_NETLINK) || \ | 147 | #if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE) |
| 148 | defined(CONFIG_IP_NF_CONNTRACK_NETLINK_MODULE) | ||
| 149 | .range_to_nfattr = nf_nat_port_range_to_nfattr, | 148 | .range_to_nfattr = nf_nat_port_range_to_nfattr, |
| 150 | .nfattr_to_range = nf_nat_port_nfattr_to_range, | 149 | .nfattr_to_range = nf_nat_port_nfattr_to_range, |
| 151 | #endif | 150 | #endif |
diff --git a/net/ipv4/netfilter/nf_nat_proto_udp.c b/net/ipv4/netfilter/nf_nat_proto_udp.c index 8cae6e063bb6..1c4c70e25cd4 100644 --- a/net/ipv4/netfilter/nf_nat_proto_udp.c +++ b/net/ipv4/netfilter/nf_nat_proto_udp.c | |||
| @@ -134,8 +134,7 @@ struct nf_nat_protocol nf_nat_protocol_udp = { | |||
| 134 | .manip_pkt = udp_manip_pkt, | 134 | .manip_pkt = udp_manip_pkt, |
| 135 | .in_range = udp_in_range, | 135 | .in_range = udp_in_range, |
| 136 | .unique_tuple = udp_unique_tuple, | 136 | .unique_tuple = udp_unique_tuple, |
| 137 | #if defined(CONFIG_IP_NF_CONNTRACK_NETLINK) || \ | 137 | #if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE) |
| 138 | defined(CONFIG_IP_NF_CONNTRACK_NETLINK_MODULE) | ||
| 139 | .range_to_nfattr = nf_nat_port_range_to_nfattr, | 138 | .range_to_nfattr = nf_nat_port_range_to_nfattr, |
| 140 | .nfattr_to_range = nf_nat_port_nfattr_to_range, | 139 | .nfattr_to_range = nf_nat_port_nfattr_to_range, |
| 141 | #endif | 140 | #endif |