Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-11-02 02:01:29 +00:00
Code Issues Packages Projects Releases Wiki Activity
33b6223190
linux/net/ipv4/netfilter
History
Pablo Neira Ayuso ff21d5774b [NETFILTER]: fix list traversal order in ctnetlink 
Currently conntracks are inserted after the head. That means that
conntracks are sorted from the biggest to the smallest id. This happens
because we use list_prepend (list_add) instead list_add_tail. This can
result in problems during the list iteration.

                 list_for_each(i, &ip_conntrack_hash[cb->args[0]]) {
                         h = (struct ip_conntrack_tuple_hash *) i;
                         if (DIRECTION(h) != IP_CT_DIR_ORIGINAL)
                                 continue;
                         ct = tuplehash_to_ctrack(h);
                         if (ct->id <= *id)
                                 continue;

In that case just the first conntrack in the bucket will be dumped. To
fix this, we iterate the list from the tail to the head via
list_for_each_prev. Same thing for the list of expectations.

Signed-off-by: Pablo Neira Ayuso <pablo@eurodev.net>
Signed-off-by: Harald Welte <laforge@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-08-29 15:40:25 -07:00
..
arp_tables.c [NETFILTER]: Kill lockhelp.h 2005-06-21 14:01:30 -07:00
arpt_mangle.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
arptable_filter.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ip_conntrack_amanda.c [NETFILTER]: ip_conntrack_expect_related must not free expectation 2005-07-21 13:14:46 -07:00
ip_conntrack_core.c [NETFILTER]: fix conntrack refcount leak in unlink_expect() 2005-08-29 15:40:17 -07:00
ip_conntrack_ftp.c [NETFILTER]: connection tracking event notifiers 2005-08-29 15:31:24 -07:00
ip_conntrack_irc.c [NETFILTER]: ip_conntrack_expect_related must not free expectation 2005-07-21 13:14:46 -07:00
ip_conntrack_netlink.c [NETFILTER]: fix list traversal order in ctnetlink 2005-08-29 15:40:25 -07:00
ip_conntrack_proto_generic.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ip_conntrack_proto_icmp.c [NETFILTER]: Extend netfilter logging API 2005-08-29 15:38:07 -07:00
ip_conntrack_proto_sctp.c [NETFILTER]: Add ctnetlink subsystem 2005-08-29 15:31:49 -07:00
ip_conntrack_proto_tcp.c [NETFILTER]: Extend netfilter logging API 2005-08-29 15:38:07 -07:00
ip_conntrack_proto_udp.c [NETFILTER]: Extend netfilter logging API 2005-08-29 15:38:07 -07:00
ip_conntrack_standalone.c [NETFILTER]: Fix multiple problems with the conntrack event cache 2005-08-29 15:38:54 -07:00
ip_conntrack_tftp.c [NETFILTER]: ip_conntrack_expect_related must not free expectation 2005-07-21 13:14:46 -07:00
ip_nat_amanda.c [NETFILTER]: ip_conntrack_expect_related must not free expectation 2005-07-21 13:14:46 -07:00
ip_nat_core.c [NETFILTER]: Rename skb_ip_make_writable() to skb_make_writable() 2005-08-29 15:34:40 -07:00
ip_nat_ftp.c [NETFILTER]: ip_conntrack_expect_related must not free expectation 2005-07-21 13:14:46 -07:00
ip_nat_helper.c [NETFILTER]: Rename skb_ip_make_writable() to skb_make_writable() 2005-08-29 15:34:40 -07:00
ip_nat_irc.c [NETFILTER]: ip_conntrack_expect_related must not free expectation 2005-07-21 13:14:46 -07:00
ip_nat_proto_icmp.c [NETFILTER]: Rename skb_ip_make_writable() to skb_make_writable() 2005-08-29 15:34:40 -07:00
ip_nat_proto_tcp.c [NETFILTER]: Rename skb_ip_make_writable() to skb_make_writable() 2005-08-29 15:34:40 -07:00
ip_nat_proto_udp.c [NETFILTER]: Rename skb_ip_make_writable() to skb_make_writable() 2005-08-29 15:34:40 -07:00
ip_nat_proto_unknown.c [NETFILTER]: C99 initizalizers for NAT protocols 2005-08-29 15:33:34 -07:00
ip_nat_rule.c [NETFILTER]: Kill lockhelp.h 2005-06-21 14:01:30 -07:00
ip_nat_snmp_basic.c [NETFILTER]: Rename skb_ip_make_writable() to skb_make_writable() 2005-08-29 15:34:40 -07:00
ip_nat_standalone.c [NETFILTER]: Add ctnetlink subsystem 2005-08-29 15:31:49 -07:00
ip_nat_tftp.c [NETFILTER]: ip_conntrack_expect_related must not free expectation 2005-07-21 13:14:46 -07:00
ip_queue.c [NETFILTER]: Core changes required by upcoming nfnetlink_queue code 2005-08-29 15:36:49 -07:00
ip_tables.c [NETFILTER]: reduce netfilter sk_buff enlargement 2005-08-29 15:31:04 -07:00
ipt_addrtype.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_ah.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_CLASSIFY.c [NETFILTER]: reduce netfilter sk_buff enlargement 2005-08-29 15:31:04 -07:00
ipt_CLUSTERIP.c [NETFILTER]: convert nfmark and conntrack mark to 32bit 2005-08-29 15:29:31 -07:00
ipt_comment.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_connmark.c [NETFILTER]: convert nfmark and conntrack mark to 32bit 2005-08-29 15:29:31 -07:00
ipt_CONNMARK.c [NETFILTER]: reduce netfilter sk_buff enlargement 2005-08-29 15:31:04 -07:00
ipt_conntrack.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_dscp.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_DSCP.c [NETFILTER]: Rename skb_ip_make_writable() to skb_make_writable() 2005-08-29 15:34:40 -07:00
ipt_ecn.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_ECN.c [NETFILTER]: Rename skb_ip_make_writable() to skb_make_writable() 2005-08-29 15:34:40 -07:00
ipt_esp.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_hashlimit.c [NETFILTER]: Kill lockhelp.h 2005-06-21 14:01:30 -07:00
ipt_helper.c [NETFILTER]: Kill lockhelp.h 2005-06-21 14:01:30 -07:00
ipt_iprange.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_length.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_limit.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_LOG.c [NETFILTER]: Extend netfilter logging API 2005-08-29 15:38:07 -07:00
ipt_mac.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_mark.c [NETFILTER]: convert nfmark and conntrack mark to 32bit 2005-08-29 15:29:31 -07:00
ipt_MARK.c [NETFILTER]: reduce netfilter sk_buff enlargement 2005-08-29 15:31:04 -07:00
ipt_MASQUERADE.c [NETFILTER]: Kill lockhelp.h 2005-06-21 14:01:30 -07:00
ipt_multiport.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_NETMAP.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_NFQUEUE.c [NETFILTER]: Add "nfnetlink_queue" netfilter queue handler over nfnetlink 2005-08-29 15:36:56 -07:00
ipt_NOTRACK.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_owner.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_physdev.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_pkttype.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_realm.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_recent.c [NETFILTER]: ipt_recent: last_pkts is an array of "unsigned long" not "u_int32_t" 2005-06-15 20:51:14 -07:00
ipt_REDIRECT.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_REJECT.c [NETFILTER]: reduce netfilter sk_buff enlargement 2005-08-29 15:31:04 -07:00
ipt_SAME.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_sctp.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_state.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_tcpmss.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_TCPMSS.c [NETFILTER]: Rename skb_ip_make_writable() to skb_make_writable() 2005-08-29 15:34:40 -07:00
ipt_tos.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_TOS.c [NETFILTER]: Rename skb_ip_make_writable() to skb_make_writable() 2005-08-29 15:34:40 -07:00
ipt_ttl.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_ULOG.c [NETFILTER]: Extend netfilter logging API 2005-08-29 15:38:07 -07:00
iptable_filter.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
iptable_mangle.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
iptable_raw.c [NETFILTER]: Missing owner-field initialization in iptable_raw 2005-05-03 14:23:13 -07:00
Kconfig [NETFILTER]: Add "nfnetlink_queue" netfilter queue handler over nfnetlink 2005-08-29 15:36:56 -07:00
Makefile [NETFILTER]: Add "nfnetlink_queue" netfilter queue handler over nfnetlink 2005-08-29 15:36:56 -07:00