Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-11-26 14:12:06 +00:00
Code Issues Packages Projects Releases Wiki Activity
A mirror of the official Linux kernel repository just in case
1,227,389 Commits 7 Branches 862 Tags 6.4 GiB
C 97.6%
Assembly 1%
Shell 0.5%
Python 0.3%
Makefile 0.3%
80abbe8a82
Go to file
Florian Westphal 80abbe8a82 netfilter: nat: fix ipv6 nat redirect with mapped and scoped addresses 
The ipv6 redirect target was derived from the ipv4 one, i.e. its
identical to a 'dnat' with the first (primary) address assigned to the
network interface.  The code has been moved around to make it usable
from nf_tables too, but its still the same as it was back when this
was added in 2012.

IPv6, however, has different types of addresses, if the 'wrong' address
comes first the redirection does not work.

In Daniels case, the addresses are:
  inet6 ::ffff:192 ...
  inet6 2a01: ...

... so the function attempts to redirect to the mapped address.

Add more checks before the address is deemed correct:
1. If the packets' daddr is scoped, search for a scoped address too
2. skip tentative addresses
3. skip mapped addresses

Use the first address that appears to match our needs.

Reported-by: Daniel Huhardeaux <tech@tootai.net>
Closes: https://lore.kernel.org/netfilter/71be06b8-6aa0-4cf9-9e0b-e2839b01b22f@tootai.net/
Fixes: 115e23ac78 ("netfilter: ip6tables: add REDIRECT target")
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2023-11-08 16:40:30 +01:00
arch asm-generic updates for v6.7 2023-11-01 15:28:33 -10:00
block for-6.7/block-2023-10-30 2023-11-01 12:30:07 -10:00
certs certs: Reference revocation list for all keyrings 2023-08-17 20:12:41 +00:00
crypto KEYS: asymmetric: Fix sign/verify on pkcs1pad without a hash 2023-10-18 12:27:10 +08:00
Documentation net/smc: fix documentation of buffer sizes 2023-11-02 12:50:17 +01:00
drivers octeontx2-pf: Free pending and dropped SQEs 2023-11-06 08:57:15 +00:00
fs Bootconfig for v6.7: 2023-11-01 16:07:05 -10:00
include nfsd: regenerate user space parsers after ynl-gen changes 2023-11-06 09:03:46 +00:00
init asm-generic updates for v6.7 2023-11-01 15:28:33 -10:00
io_uring io_uring-futex-2023-10-30 2023-11-01 11:25:08 -10:00
ipc ipc: convert to new timestamp accessors 2023-10-18 14:08:30 +02:00
kernel Probes updates for v6.7: 2023-11-01 16:15:42 -10:00
lib Probes updates for v6.7: 2023-11-01 16:15:42 -10:00
LICENSES LICENSES: Add the copyleft-next-0.3.1 license 2022-11-08 15:44:01 +01:00
mm asm-generic updates for v6.7 2023-11-01 15:28:33 -10:00
net netfilter: nat: fix ipv6 nat redirect with mapped and scoped addresses 2023-11-08 16:40:30 +01:00
rust workqueue: Add rust bindings for v6.7 2023-10-30 20:35:48 -10:00
samples Probes updates for v6.7: 2023-11-01 16:15:42 -10:00
scripts asm-generic updates for v6.7 2023-11-01 15:28:33 -10:00
security for-6.7/block-2023-10-30 2023-11-01 12:30:07 -10:00
sound vfs-6.7.iov_iter 2023-10-30 09:24:21 -10:00
tools nfsd: regenerate user space parsers after ynl-gen changes 2023-11-06 09:03:46 +00:00
usr arch: Remove Itanium (IA-64) architecture 2023-09-11 08:13:17 +00:00
virt ARM: 2023-09-07 13:52:20 -07:00
.clang-format iommu: Add for_each_group_device() 2023-05-23 08:15:51 +02:00
.cocciconfig
.get_maintainer.ignore get_maintainer: add Alan to .get_maintainer.ignore 2022-08-20 15:17:44 -07:00
.gitattributes .gitattributes: set diff driver for Rust source code files 2023-05-31 17:48:25 +02:00
.gitignore kbuild: rpm-pkg: rename binkernel.spec to kernel.spec 2023-07-25 00:59:33 +09:00
.mailmap 20 hotfixes. 12 are cc:stable and the remainder address post-6.5 issues 2023-10-24 09:52:16 -10:00
.rustfmt.toml rust: add .rustfmt.toml 2022-09-28 09:02:20 +02:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS USB: Remove Wireless USB and UWB documentation 2023-08-09 14:17:32 +02:00
Kbuild Kbuild updates for v6.1 2022-10-10 12:00:45 -07:00
Kconfig kbuild: ensure full rebuild when the compiler is updated 2020-05-12 13:28:33 +09:00
MAINTAINERS Probes updates for v6.7: 2023-11-01 16:15:42 -10:00
Makefile asm-generic updates for v6.7 2023-11-01 15:28:33 -10:00
README Drop all 00-INDEX files from Documentation/ 2018-09-09 15:08:58 -06:00

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.