Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-11-23 12:42:02 +00:00
Code Issues Packages Projects Releases Wiki Activity
1621e70fc7
linux/tools
History
Jakub Kicinski 05a5474efe Merge git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf 
Florian Westphal says:

====================
netfilter: bug fixes for net

1. Fix IP address check in irc DCC conntrack helper, this should check
   the opposite direction rather than the destination address of the
   packets' direction, from David Leadbeater.

2. bridge netfilter needs to drop dst references, from Harsh Modi.
   This was fine back in the day the code was originally written,
   but nowadays various tunnels can pre-set metadata dsts on packets.

3. Remove nf_conntrack_helper sysctl and the modparam toggle, users
   need to explicitily assign the helpers to use via nftables or
   iptables.  Conntrack helpers, by design, may be used to add dynamic
   port redirections to internal machines, so its necessary to restrict
   which hosts/peers are allowed to use them.
   It was discovered that improper checking in the irc DCC helper makes
   it possible to trigger the 'please do dynamic port forward'
   from outside by embedding a 'DCC' in a PING request; if the client
   echos that back a expectation/port forward gets added.
   The auto-assign-for-everything mechanism has been in "please don't do this"
   territory since 2012.  From Pablo.

4. Fix a memory leak in the netdev hook error unwind path, also from Pablo.

* git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf:
  netfilter: nf_conntrack_irc: Fix forged IP logic
  netfilter: nf_tables: clean up hook list when offload flags check fails
  netfilter: br_netfilter: Drop dst references before setting.
  netfilter: remove nf_conntrack_helper sysctl and modparam toggles
====================

Link: https://lore.kernel.org/r/20220901071238.3044-1-fw@strlen.de
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2022-09-02 19:38:25 -07:00
..
accounting delayacct: remove some unused variables 2022-06-16 19:58:21 -07:00
arch tools kvm headers arm64: Update KVM header from the kernel sources 2022-08-27 11:55:16 -03:00
bootconfig
bpf bpftool: Complete libbfd feature detection 2022-08-10 10:44:01 -03:00
build tools build: Switch to new openssl API for test-libcrypto 2022-08-10 10:44:02 -03:00
certs
cgroup tools: add memcg_shrinker.py 2022-07-03 18:08:40 -07:00
counter
debugging
edid
firewire
firmware
gpio
hv
iio
include perf tools: Fix compile error for x86 2022-08-22 09:44:19 -07:00
io_uring
kvm/kvm_stat tools/kvm_stat: fix display of error when multiple processes are found 2022-06-15 08:14:20 -04:00
laptop
leds
lib libperf: Add a test case for read formats 2022-08-19 15:56:44 -03:00
memory-model
objtool Misc fixes: 2022-08-28 10:10:23 -07:00
pci
pcmcia
perf perf stat: Capitalize topdown metrics' names 2022-08-27 11:55:17 -03:00
power platform-drivers-x86 for v6.0-1 2022-08-04 18:19:14 -07:00
rcu
scripts
spi spi: spidev_test: Warn when the mode is not the requested mode 2022-06-13 15:56:03 +01:00
testing Merge git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf 2022-09-02 19:38:25 -07:00
thermal tools/thermal: Fix possible path truncations 2022-08-03 19:28:46 +02:00
time
tracing rtla: Consolidate and show all necessary libraries that failed for building 2022-08-10 12:03:02 -04:00
usb tools: usb: testusb: Add super-plus speed reporting 2022-07-08 14:54:49 +02:00
verification rv/monitor: Add the wwnr monitor 2022-07-30 14:01:30 -04:00
virtio tools/virtio: fix build 2022-08-11 04:26:07 -04:00
vm - The usual batches of cleanups from Baoquan He, Muchun Song, Miaohe 2022-08-05 16:32:45 -07:00
wmi
Makefile tools/nolibc: make the default target build the headers 2022-06-20 09:43:19 -07:00