These patches fix a couple of bugs in netfilter: a bug in ct_extend,
causing invalid memory accesses when DNATing a connection to a port
using a connection tracking helper, the TCP connection reopening bug,
causing slowdowns by dropping connection reopening attempts, and
a typo and missing #include in xt_iprange.
Please apply, thanks.
include/net/netfilter/nf_conntrack_extend.h | 2 +-
net/ipv4/netfilter/nf_nat_core.c | 6 ++--
net/netfilter/nf_conntrack_extend.c | 3 +-
net/netfilter/nf_conntrack_proto_tcp.c | 32 +++++++++++++++++++++-----
net/netfilter/xt_iprange.c | 3 +-
5 files changed, 34 insertions(+), 12 deletions(-)
Jan Engelhardt (1):
[NETFILTER]: xt_iprange: add missing #include
Jozsef Kadlecsik (1):
[NETFILTER]: nf_conntrack: TCP conntrack reopening fix
Patrick McHardy (2):
[NETFILTER]: nf_conntrack: fix ct_extend ->move operation
[NETFILTER]: xt_iprange: fix typo in address family
-
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
