linux/net/netfilter
Simon Horman e0aac52e17 ipvs: fix matching of fwmark templates during scheduling
Commit f11017ec2d (2.6.37)
moved the fwmark variable in subcontext that is invalidated before
reaching the ip_vs_ct_in_get call. As vaddr is provided as pointer
in the param structure make sure the fwmark variable is in
same context. As the fwmark templates can not be matched,
more and more template connections are created and the
controlled connections can not go to single real server.

Signed-off-by: Julian Anastasov <ja@ssi.bg>
Cc: stable@vger.kernel.org
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2012-02-04 20:27:58 +01:00
..
ipset netfilter: ipset: dumping error triggered removing references twice 2012-01-17 10:52:55 +01:00
ipvs ipvs: fix matching of fwmark templates during scheduling 2012-02-04 20:27:58 +01:00
core.c net:netfilter: use IS_ENABLED 2011-12-16 15:49:52 -05:00
Kconfig netfilter: Kconfig: fix unmet xt_nfacct dependencies 2011-12-29 14:39:19 -05:00
Makefile netfilter: xtables: move ipt_ecn to xt_ecn 2011-12-27 20:31:31 +01:00
nf_conntrack_acct.c Merge branch 'nf-next' of git://1984.lsi.us.es/net-next 2011-12-25 02:21:45 -05:00
nf_conntrack_amanda.c netfilter: cleanup printk messages 2010-05-13 15:02:08 +02:00
nf_conntrack_broadcast.c netfilter: nf_conntrack: nf_conntrack snmp helper 2011-01-18 18:12:24 +01:00
nf_conntrack_core.c net: reintroduce missing rcu_assign_pointer() calls 2012-01-12 12:26:56 -08:00
nf_conntrack_ecache.c net: reintroduce missing rcu_assign_pointer() calls 2012-01-12 12:26:56 -08:00
nf_conntrack_expect.c netfilter: provide config option to disable ancient procfs parts 2011-12-27 20:45:28 +01:00
nf_conntrack_extend.c net: reintroduce missing rcu_assign_pointer() calls 2012-01-12 12:26:56 -08:00
nf_conntrack_ftp.c module_param: make bool parameters really bool (net & drivers/net) 2011-12-19 22:27:29 -05:00
nf_conntrack_h323_asn1.c netfilter: h323: bug in parsing of ASN1 SEQOF field 2011-04-04 15:21:02 +02:00
nf_conntrack_h323_main.c module_param: make bool parameters really bool (net & drivers/net) 2011-12-19 22:27:29 -05:00
nf_conntrack_h323_types.c
nf_conntrack_helper.c netfilter: revert user-space expectation helper support 2012-01-16 14:01:23 +01:00
nf_conntrack_irc.c netfilter: add more values to enum ip_conntrack_info 2011-06-06 01:35:10 +02:00
nf_conntrack_l3proto_generic.c
nf_conntrack_netbios_ns.c netfilter: nf_conntrack: nf_conntrack snmp helper 2011-01-18 18:12:24 +01:00
nf_conntrack_netlink.c netfilter: revert user-space expectation helper support 2012-01-16 14:01:23 +01:00
nf_conntrack_pptp.c netfilter: nf_ct_pptp: fix DNATed PPTP connection address translation 2011-08-30 15:23:03 +02:00
nf_conntrack_proto_dccp.c net:netfilter: use IS_ENABLED 2011-12-16 15:49:52 -05:00
nf_conntrack_proto_generic.c
nf_conntrack_proto_gre.c net:netfilter: use IS_ENABLED 2011-12-16 15:49:52 -05:00
nf_conntrack_proto_sctp.c net:netfilter: use IS_ENABLED 2011-12-16 15:49:52 -05:00
nf_conntrack_proto_tcp.c net:netfilter: use IS_ENABLED 2011-12-16 15:49:52 -05:00
nf_conntrack_proto_udp.c net:netfilter: use IS_ENABLED 2011-12-16 15:49:52 -05:00
nf_conntrack_proto_udplite.c net:netfilter: use IS_ENABLED 2011-12-16 15:49:52 -05:00
nf_conntrack_proto.c netfilter: rcu sparse cleanups 2010-11-15 19:45:13 +01:00
nf_conntrack_sane.c netfilter: add more values to enum ip_conntrack_info 2011-06-06 01:35:10 +02:00
nf_conntrack_sip.c netfilter: add more values to enum ip_conntrack_info 2011-06-06 01:35:10 +02:00
nf_conntrack_snmp.c netfilter: nf_conntrack: nf_conntrack snmp helper 2011-01-18 18:12:24 +01:00
nf_conntrack_standalone.c netfilter: provide config option to disable ancient procfs parts 2011-12-27 20:45:28 +01:00
nf_conntrack_tftp.c netfilter: cleanup printk messages 2010-05-13 15:02:08 +02:00
nf_conntrack_timestamp.c module_param: make bool parameters really bool (net & drivers/net) 2011-12-19 22:27:29 -05:00
nf_internals.h netfilter: cleanup printk messages 2010-05-13 15:02:08 +02:00
nf_log.c net: reintroduce missing rcu_assign_pointer() calls 2012-01-12 12:26:56 -08:00
nf_queue.c net: reintroduce missing rcu_assign_pointer() calls 2012-01-12 12:26:56 -08:00
nf_sockopt.c
nf_tproxy_core.c netfilter: tproxy: do not assign timewait sockets to skb->sk 2011-02-17 11:32:38 +01:00
nfnetlink_acct.c netfilter: nfnetlink_acct: fix nfnl_acct_get operation 2012-01-01 16:36:08 +01:00
nfnetlink_log.c netfilter: Remove unnecessary OOM logging messages 2011-11-01 09:19:49 +01:00
nfnetlink_queue.c netfilter: nf_queue: reject NF_STOLEN verdicts from userspace 2011-08-30 15:01:20 +02:00
nfnetlink.c Merge branch 'for-linus' of git://selinuxproject.org/~jmorris/linux-security 2012-01-14 18:36:33 -08:00
x_tables.c net: Fix files explicitly needing to include module.h 2011-10-31 19:30:28 -04:00
xt_addrtype.c net:netfilter: use IS_ENABLED 2011-12-16 15:49:52 -05:00
xt_AUDIT.c ipv6: Add fragment reporting to ipv6_skip_exthdr(). 2011-12-03 09:35:10 -08:00
xt_CHECKSUM.c netfilter: add CHECKSUM target 2010-07-15 17:20:46 +02:00
xt_CLASSIFY.c netfilter: xt_CLASSIFY: add ARP support, allow CLASSIFY target on any table 2010-11-15 13:57:56 +01:00
xt_cluster.c netfilter: nf_conntrack: IPS_UNTRACKED bit 2010-06-08 16:09:52 +02:00
xt_comment.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_connbytes.c Merge branch 'nf-next' of git://1984.lsi.us.es/net-next 2011-12-25 02:21:45 -05:00
xt_connlimit.c netfilter: xt_connlimit: remove connlimit_rnd_inited 2011-03-15 13:26:32 +01:00
xt_connmark.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_CONNSECMARK.c
xt_conntrack.c netfilter: revert a2361c8735 2011-05-10 12:13:36 +02:00
xt_cpu.c netfilter: xtables: add missing aliases for autoloading via iptables 2011-01-18 06:33:54 +01:00
xt_CT.c netfilter: revert user-space expectation helper support 2012-01-16 14:01:23 +01:00
xt_dccp.c netfilter: xtables: change hotdrop pointer to direct modification 2010-05-11 18:35:27 +02:00
xt_devgroup.c netfilter: xtables: add device group match 2011-02-03 00:05:43 +01:00
xt_dscp.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_DSCP.c netfilter: IPv6: fix DSCP mangle code 2011-05-10 10:00:21 +02:00
xt_ecn.c netfilter: xtables: collapse conditions in xt_ecn 2011-12-27 20:45:25 +01:00
xt_esp.c netfilter: xtables: change hotdrop pointer to direct modification 2010-05-11 18:35:27 +02:00
xt_hashlimit.c netfilter: xt_hashlimit: fix unused variable warning if IPv6 disabled 2012-01-16 13:40:54 +01:00
xt_helper.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_hl.c netfilter: Reduce switch/case indent 2011-07-01 16:11:15 -07:00
xt_HL.c netfilter: Reduce switch/case indent 2011-07-01 16:11:15 -07:00
xt_IDLETIMER.c netfilter: Remove unnecessary OOM logging messages 2011-11-01 09:19:49 +01:00
xt_iprange.c Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2011-02-04 14:28:58 -08:00
xt_ipvs.c IPVS: netns, use ip_vs_proto_data as param. 2011-01-13 10:30:27 +09:00
xt_LED.c netfilter: xtables: add missing aliases for autoloading via iptables 2011-01-18 06:33:54 +01:00
xt_length.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_limit.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_mac.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_mark.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_multiport.c netfilter: xtables: change hotdrop pointer to direct modification 2010-05-11 18:35:27 +02:00
xt_nfacct.c netfilter: xtables: add nfacct match to support extended accounting 2011-12-25 02:43:17 +01:00
xt_NFLOG.c
xt_NFQUEUE.c net:netfilter: use IS_ENABLED 2011-12-16 15:49:52 -05:00
xt_NOTRACK.c netfilter: nf_conntrack: IPS_UNTRACKED bit 2010-06-08 16:09:52 +02:00
xt_osf.c net,rcu: convert call_rcu(xt_osf_finger_free_rcu) to kfree_rcu() 2011-05-07 22:51:12 -07:00
xt_owner.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_physdev.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_pkttype.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_policy.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_quota.c net: Fix files explicitly needing to include module.h 2011-10-31 19:30:28 -04:00
xt_rateest.c netfilter: xt_rateest: fix xt_rateest_mt_checkentry() 2011-07-29 16:24:46 +02:00
xt_RATEEST.c net,rcu: Convert call_rcu(xt_rateest_free_rcu) to kfree_rcu() 2011-07-20 14:10:19 -07:00
xt_realm.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_recent.c llseek: automatically add .llseek fop 2010-10-15 15:53:27 +02:00
xt_repldata.h
xt_sctp.c netfilter: xt_sctp: use WORD_ROUND macro to calculate length of multiple of 4 bytes 2010-06-09 14:47:40 +02:00
xt_SECMARK.c secmark: make secmark object handling generic 2010-10-21 10:12:48 +11:00
xt_set.c Remove redundant linux/version.h includes from net/ 2011-06-21 16:03:17 -07:00
xt_socket.c net:netfilter: use IS_ENABLED 2011-12-16 15:49:52 -05:00
xt_state.c netfilter: nf_conntrack: IPS_UNTRACKED bit 2010-06-08 16:09:52 +02:00
xt_statistic.c net: Fix files explicitly needing to include module.h 2011-10-31 19:30:28 -04:00
xt_string.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_tcpmss.c netfilter: xtables: change hotdrop pointer to direct modification 2010-05-11 18:35:27 +02:00
xt_TCPMSS.c net:netfilter: use IS_ENABLED 2011-12-16 15:49:52 -05:00
xt_TCPOPTSTRIP.c net:netfilter: use IS_ENABLED 2011-12-16 15:49:52 -05:00
xt_tcpudp.c netfilter: xtables: change hotdrop pointer to direct modification 2010-05-11 18:35:27 +02:00
xt_TEE.c net:netfilter: use IS_ENABLED 2011-12-16 15:49:52 -05:00
xt_time.c netfilter: remove unnecessary returns from void function()s 2010-05-13 15:16:27 +02:00
xt_TPROXY.c net:netfilter: use IS_ENABLED 2011-12-16 15:49:52 -05:00
xt_TRACE.c
xt_u32.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00