Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-11-22 12:11:40 +00:00
Code Issues Packages Projects Releases Wiki Activity
99d051c4b3
linux/net/ipv4/netfilter
History
Florian Westphal 05ef7055de netfilter: fib: check correct rtable in vrf setups 
We need to init l3mdev unconditionally, else main routing table is searched
and incorrect result is returned unless strict (iif keyword) matching is
requested.

Next patch adds a selftest for this.

Fixes: 2a8a7c0eaa ("netfilter: nft_fib: Fix for rpath check with VRF devices")
Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1761
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2024-10-09 23:30:31 +02:00
..
arp_tables.c netfilter: Use kmemdup_array instead of kmemdup for multiple allocation 2024-09-03 10:47:16 +02:00
arpt_mangle.c
arptable_filter.c netfilter: arp_tables: allow use of arpt_do_table as hookfn 2021-10-14 23:06:53 +02:00
ip_tables.c netfilter: Use kmemdup_array instead of kmemdup for multiple allocation 2024-09-03 10:47:16 +02:00
ipt_ah.c
ipt_ECN.c
ipt_REJECT.c
ipt_rpfilter.c netfilter: rpfilter: Unmask upper DSCP bits 2024-08-22 16:59:57 -07:00
ipt_SYNPROXY.c
iptable_filter.c netfilter: use NF_DROP instead of -NF_DROP 2024-05-06 16:29:21 +02:00
iptable_mangle.c netfilter: xt_mangle: only check verdict part of return value 2023-10-18 10:26:43 +02:00
iptable_nat.c netfilter: iptables: Fix null-ptr-deref in iptable_nat_table_init(). 2024-07-31 23:20:50 +02:00
iptable_raw.c netfilter: add missing module descriptions 2023-11-08 13:52:32 +01:00
iptable_security.c netfilter: iptables: allow use of ipt_do_table as hookfn 2021-10-14 23:06:53 +02:00
Kconfig netfilter: arptables: Select NETFILTER_FAMILY_ARP when building arp_tables.c 2024-03-28 03:54:02 +01:00
Makefile netfilter: xtables: allow xtables-nft only builds 2024-01-29 15:43:21 +01:00
nf_defrag_ipv4.c netfilter: add missing module descriptions 2023-11-08 13:52:32 +01:00
nf_dup_ipv4.c netfilter: nf_tables: prevent nf_skb_duplicated corruption 2024-09-27 13:55:46 +02:00
nf_nat_h323.c netfilter: nat: move repetitive nat port reserve loop to a helper 2022-09-07 16:46:04 +02:00
nf_nat_pptp.c netfilter: conntrack: pptp: use single option structure 2022-02-04 06:30:28 +01:00
nf_nat_snmp_basic_main.c
nf_nat_snmp_basic.asn1 treewide: Add SPDX identifier to IETF ASN.1 modules 2023-10-27 18:04:28 +08:00
nf_reject_ipv4.c netfilter: nf_reject: Fix build warning when CONFIG_BRIDGE_NETFILTER=n 2024-09-26 13:03:02 +02:00
nf_socket_ipv4.c tcp: Access &tcp_hashinfo via net. 2022-09-20 10:21:49 -07:00
nf_tproxy_ipv4.c netfilter: tproxy: bail out if IP has been disabled on the device 2024-05-29 00:37:51 +02:00
nft_dup_ipv4.c netfilter: nf_tables: pass context structure to nft_parse_register_load 2024-08-20 12:37:24 +02:00
nft_fib_ipv4.c netfilter: fib: check correct rtable in vrf setups 2024-10-09 23:30:31 +02:00
nft_reject_ipv4.c netfilter: nf_tables: do not reduce read-only expressions 2022-03-20 00:29:46 +01:00