davidlt/kernel-ark
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
1cde64365b
kernel-ark/net/ipv4/netfilter
History
Pablo Neira Ayuso 1cde64365b [NETFILTER]: ctnetlink: Fix expectaction mask dumping 
The expectation mask has some particularities that requires a different
handling. The protocol number fields can be set to non-valid protocols,
ie. l3num is set to 0xFFFF. Since that protocol does not exist, the mask
tuple will not be dumped. Moreover, this results in a kernel panic when
nf_conntrack accesses the array of protocol handlers, that is PF_MAX (0x1F)
long.

This patch introduces the function ctnetlink_exp_dump_mask, that correctly
dumps the expectation mask. Such function uses the l3num value from the
expectation tuple that is a valid layer 3 protocol number. The value of the
l3num mask isn't dumped since it is meaningless from the userspace side.

Thanks to Yasuyuki Kozakai and Patrick McHardy for the feedback.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-03-22 13:54:15 -08:00
..
arp_tables.c [NET]: sem2mutex part 2 2006-03-20 22:35:41 -08:00
arpt_mangle.c [NETFILTER]: x_tables: add xt_{match,target} arguments to match/target functions 2006-03-20 18:02:56 -08:00
arptable_filter.c [NETFILTER] x_tables: Abstraction layer for {ip,ip6,arp}_tables 2006-01-12 14:06:43 -08:00
ip_conntrack_amanda.c
ip_conntrack_core.c
ip_conntrack_ftp.c
ip_conntrack_helper_h323_asn1.c [NETFILTER]: Add H.323 conntrack/NAT helper 2006-03-20 23:41:17 -08:00
ip_conntrack_helper_h323_asn1.h [NETFILTER]: Add H.323 conntrack/NAT helper 2006-03-20 23:41:17 -08:00
ip_conntrack_helper_h323_types.c [NETFILTER]: Add H.323 conntrack/NAT helper 2006-03-20 23:41:17 -08:00
ip_conntrack_helper_h323_types.h [NETFILTER]: Add H.323 conntrack/NAT helper 2006-03-20 23:41:17 -08:00
ip_conntrack_helper_h323.c [NETFILTER]: Add H.323 conntrack/NAT helper 2006-03-20 23:41:17 -08:00
ip_conntrack_helper_pptp.c
ip_conntrack_irc.c
ip_conntrack_netbios_ns.c
ip_conntrack_netlink.c [NETFILTER]: ctnetlink: Fix expectaction mask dumping 2006-03-22 13:54:15 -08:00
ip_conntrack_proto_generic.c
ip_conntrack_proto_gre.c [NETFILTER]: ip_conntrack_proto_gre.c needs linux/interrupt.h 2006-01-17 02:42:02 -08:00
ip_conntrack_proto_icmp.c
ip_conntrack_proto_sctp.c
ip_conntrack_proto_tcp.c
ip_conntrack_proto_udp.c
ip_conntrack_standalone.c [NETFILTER] x_tables: Abstraction layer for {ip,ip6,arp}_tables 2006-01-12 14:06:43 -08:00
ip_conntrack_tftp.c [NETFILTER]: Fix missing src port initialization in tftp expectation mask 2006-02-04 23:51:21 -08:00
ip_nat_amanda.c
ip_nat_core.c [NETFILTER]: Fix NAT PMTUD problems 2006-02-19 22:26:40 -08:00
ip_nat_ftp.c
ip_nat_helper_h323.c [NETFILTER]: Add H.323 conntrack/NAT helper 2006-03-20 23:41:17 -08:00
ip_nat_helper_pptp.c [NETFILTER]: Fix CID offset bug in PPTP NAT helper debug message 2006-03-20 17:58:21 -08:00
ip_nat_helper.c
ip_nat_irc.c
ip_nat_proto_gre.c
ip_nat_proto_icmp.c
ip_nat_proto_tcp.c
ip_nat_proto_udp.c
ip_nat_proto_unknown.c
ip_nat_rule.c [NETFILTER]: x_tables: add xt_{match,target} arguments to match/target functions 2006-03-20 18:02:56 -08:00
ip_nat_snmp_basic.c [NETFILTER]: Fix warnings in ip_nat_snmp_basic.c 2006-03-20 22:36:21 -08:00
ip_nat_standalone.c [NETFILTER]: Fix outgoing redirects to loopback 2006-02-19 22:29:47 -08:00
ip_nat_tftp.c
ip_queue.c [NET] sem2mutex: net/ 2006-03-20 22:33:17 -08:00
ip_tables.c [NET]: sem2mutex part 2 2006-03-20 22:35:41 -08:00
ipt_addrtype.c [NETFILTER]: x_tables: add xt_{match,target} arguments to match/target functions 2006-03-20 18:02:56 -08:00
ipt_ah.c [NETFILTER]: x_tables: add xt_{match,target} arguments to match/target functions 2006-03-20 18:02:56 -08:00
ipt_CLUSTERIP.c [NETFILTER]: x_tables: add xt_{match,target} arguments to match/target functions 2006-03-20 18:02:56 -08:00
ipt_dscp.c [NETFILTER]: x_tables: add xt_{match,target} arguments to match/target functions 2006-03-20 18:02:56 -08:00
ipt_DSCP.c [NETFILTER]: x_tables: add xt_{match,target} arguments to match/target functions 2006-03-20 18:02:56 -08:00
ipt_ecn.c [NETFILTER]: x_tables: add xt_{match,target} arguments to match/target functions 2006-03-20 18:02:56 -08:00
ipt_ECN.c [NETFILTER]: x_tables: add xt_{match,target} arguments to match/target functions 2006-03-20 18:02:56 -08:00
ipt_esp.c [NETFILTER]: x_tables: add xt_{match,target} arguments to match/target functions 2006-03-20 18:02:56 -08:00
ipt_hashlimit.c [NETFILTER]: x_tables: add xt_{match,target} arguments to match/target functions 2006-03-20 18:02:56 -08:00
ipt_iprange.c [NETFILTER]: x_tables: add xt_{match,target} arguments to match/target functions 2006-03-20 18:02:56 -08:00
ipt_LOG.c [NETFILTER]: x_tables: add xt_{match,target} arguments to match/target functions 2006-03-20 18:02:56 -08:00
ipt_MASQUERADE.c [NETFILTER]: x_tables: add xt_{match,target} arguments to match/target functions 2006-03-20 18:02:56 -08:00
ipt_multiport.c [NETFILTER]: x_tables: add xt_{match,target} arguments to match/target functions 2006-03-20 18:02:56 -08:00
ipt_NETMAP.c [NETFILTER]: x_tables: add xt_{match,target} arguments to match/target functions 2006-03-20 18:02:56 -08:00
ipt_owner.c [NETFILTER]: x_tables: add xt_{match,target} arguments to match/target functions 2006-03-20 18:02:56 -08:00
ipt_recent.c [NETFILTER]: x_tables: add xt_{match,target} arguments to match/target functions 2006-03-20 18:02:56 -08:00
ipt_REDIRECT.c [NETFILTER]: x_tables: add xt_{match,target} arguments to match/target functions 2006-03-20 18:02:56 -08:00
ipt_REJECT.c [NETFILTER]: Fix skb->nf_bridge lifetime issues 2006-03-20 19:23:05 -08:00
ipt_SAME.c [NETFILTER]: x_tables: add xt_{match,target} arguments to match/target functions 2006-03-20 18:02:56 -08:00
ipt_TCPMSS.c [NETFILTER]: x_tables: add xt_{match,target} arguments to match/target functions 2006-03-20 18:02:56 -08:00
ipt_tos.c [NETFILTER]: x_tables: add xt_{match,target} arguments to match/target functions 2006-03-20 18:02:56 -08:00
ipt_TOS.c [NETFILTER]: x_tables: add xt_{match,target} arguments to match/target functions 2006-03-20 18:02:56 -08:00
ipt_ttl.c [NETFILTER]: x_tables: add xt_{match,target} arguments to match/target functions 2006-03-20 18:02:56 -08:00
ipt_TTL.c [NETFILTER]: x_tables: add xt_{match,target} arguments to match/target functions 2006-03-20 18:02:56 -08:00
ipt_ULOG.c [NETFILTER]: x_tables: add xt_{match,target} arguments to match/target functions 2006-03-20 18:02:56 -08:00
iptable_filter.c [NETFILTER] x_tables: Abstraction layer for {ip,ip6,arp}_tables 2006-01-12 14:06:43 -08:00
iptable_mangle.c [NETFILTER] x_tables: Abstraction layer for {ip,ip6,arp}_tables 2006-01-12 14:06:43 -08:00
iptable_raw.c [NETFILTER] x_tables: Abstraction layer for {ip,ip6,arp}_tables 2006-01-12 14:06:43 -08:00
Kconfig [NETFILTER]: Add H.323 conntrack/NAT helper 2006-03-20 23:41:17 -08:00
Makefile [NETFILTER]: Add H.323 conntrack/NAT helper 2006-03-20 23:41:17 -08:00
nf_conntrack_l3proto_ipv4.c [NETFILTER] nf_conntrack: clean up to reduce size of 'struct nf_conn' 2006-03-20 17:56:32 -08:00
nf_conntrack_proto_icmp.c