leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
83cabe33eb
linux/net/ipv4/netfilter
History
Andrew Collins c65ef8dc7b netfilter: nf_nat: Also handle non-ESTABLISHED routing changes in MASQUERADE 
Since (a0ecb85 netfilter: nf_nat: Handle routing changes in MASQUERADE
target), the MASQUERADE target handles routing changes which affect
the output interface of a connection, but only for ESTABLISHED
connections.  It is also possible for NEW connections which
already have a conntrack entry to be affected by routing changes.

This adds a check to drop entries in the NEW+conntrack state
when the oif has changed.

Signed-off-by: Andrew Collins <bsderandrew@gmail.com>
Acked-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2012-12-16 23:28:30 +01:00
..
arp_tables.c net: Allow userns root to control ipv4 2012-11-18 20:32:45 -05:00
arpt_mangle.c
arptable_filter.c
ip_tables.c net: Allow userns root to control ipv4 2012-11-18 20:32:45 -05:00
ipt_ah.c
ipt_CLUSTERIP.c net: remove obsolete simple_strto<foo> 2012-12-10 14:09:00 -05:00
ipt_ECN.c
ipt_MASQUERADE.c
ipt_REJECT.c netfilter: ip[6]t_REJECT: fix wrong transport header pointer in TCP reset 2012-12-16 23:27:35 +01:00
ipt_rpfilter.c
ipt_ULOG.c netlink: hide struct module parameter in netlink_kernel_create 2012-09-08 18:46:30 -04:00
iptable_filter.c
iptable_mangle.c
iptable_nat.c netfilter: nf_nat: Also handle non-ESTABLISHED routing changes in MASQUERADE 2012-12-16 23:28:30 +01:00
iptable_raw.c
iptable_security.c
Kconfig netfilter: combine ipt_REDIRECT and ip6t_REDIRECT 2012-09-21 12:12:05 +02:00
Makefile netfilter: combine ipt_REDIRECT and ip6t_REDIRECT 2012-09-21 12:12:05 +02:00
nf_conntrack_l3proto_ipv4_compat.c
nf_conntrack_l3proto_ipv4.c
nf_conntrack_proto_icmp.c
nf_defrag_ipv4.c
nf_nat_h323.c
nf_nat_l3proto_ipv4.c
nf_nat_pptp.c
nf_nat_proto_gre.c
nf_nat_proto_icmp.c
nf_nat_snmp_basic.c