kevin/linux
1
Fork 0
Code
8183e3a88a
linux/net
History
Changli Gao 8183e3a88a netfilter: xt_connlimit: fix daddr connlimit in SNAT scenario 
We use the reply tuples when limiting the connections by the destination
addresses, however, in SNAT scenario, the final reply tuples won't be
ready until SNAT is done in POSTROUING or INPUT chain, and the following
nf_conntrack_find_get() in count_tem() will get nothing, so connlimit
can't work as expected.

In this patch, the original tuples are always used, and an additional
member addr is appended to save the address in either end.

Signed-off-by: Changli Gao <xiaosuo@gmail.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
2011-03-15 13:23:28 +01:00
..
9p net: cleanup unused macros in net directory 2011-01-19 23:20:04 -08:00
802
8021q
appletalk
atm Merge branch 'for-2.6.38' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/wq 2011-01-07 16:58:04 -08:00
ax25 net: ax25: fix information leak to userland harder 2011-01-12 00:34:49 -08:00
batman-adv batman-adv: Use "__attribute__" shortcut macros 2011-01-16 03:25:19 +01:00
bluetooth Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/padovan/bluetooth-next-2.6 2011-01-04 14:25:28 -05:00
bridge bridge: netfilter: fix information leak 2011-02-14 16:49:23 +01:00
caif net: cleanup unused macros in net directory 2011-01-19 23:20:04 -08:00
can can: test size of struct sockaddr in sendmsg 2011-01-15 20:56:42 -08:00
ceph Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/sage/ceph-client 2011-01-13 10:25:24 -08:00
core net: implement mechanism for HW based QOS 2011-01-19 23:31:10 -08:00
dcb dcb: use after free in dcb_flushapp() 2011-01-06 11:16:54 -08:00
dccp Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2011-01-13 10:05:56 -08:00
decnet net: cleanup unused macros in net directory 2011-01-19 23:20:04 -08:00
dns_resolver
dsa net/dsa: don't use flush_scheduled_work() 2010-12-24 15:59:06 +01:00
econet
ethernet eth: fix new kernel-doc warning 2011-01-12 19:00:40 -08:00
ieee802154
ipv4 netfilter: nf_nat: place conntrack in source hash after SNAT is done 2011-01-20 15:49:52 +01:00
ipv6 netfilter: add a missing include in nf_conntrack_reasm.c 2011-01-20 21:00:38 +01:00
ipx
irda Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-12-26 22:37:05 -08:00
iucv [S390] irq: have detailed statistics for interrupt types 2011-01-05 12:47:25 +01:00
key
l2tp
lapb
llc
mac80211 mac80211: use maximum number of AMPDU frames as default in BA RX 2011-01-13 15:46:45 -05:00
netfilter netfilter: xt_connlimit: fix daddr connlimit in SNAT scenario 2011-03-15 13:23:28 +01:00
netlabel
netlink netlink: test for all flags of the NLM_F_DUMP composite 2011-01-09 16:25:03 -08:00
netrom
packet net: cleanup unused macros in net directory 2011-01-19 23:20:04 -08:00
phonet phonet: some signedness bugs 2011-01-10 13:33:17 -08:00
rds net: cleanup unused macros in net directory 2011-01-19 23:20:04 -08:00
rfkill
rose
rxrpc rxrpc: rxrpc_workqueue isn't used during memory reclaim 2011-01-14 09:25:11 -08:00
sched Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/kaber/nf-next-2.6 2011-01-20 00:06:15 -08:00
sctp
sunrpc Merge branch 'for-2.6.38' of git://linux-nfs.org/~bfields/linux 2011-01-14 13:17:26 -08:00
tipc tipc: update log.h re-include protection to reflect new name 2011-01-01 14:56:18 -08:00
unix af_unix: coding style: remove one level of indentation in unix_shutdown() 2011-01-19 23:31:11 -08:00
wanrouter net: cleanup unused macros in net directory 2011-01-19 23:20:04 -08:00
wimax
wireless cfg80211: fix transposition of words in printk 2011-01-04 14:43:01 -05:00
x25
xfrm xfrm: check trunc_len in XFRMA_ALG_AUTH_TRUNC 2011-01-11 14:03:09 -08:00
compat.c
Kconfig Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2011-01-13 10:05:56 -08:00
Makefile
nonet.c
socket.c pass default dentry_operations to mount_pseudo() 2011-01-12 20:03:43 -05:00
sysctl_net.c
TUNABLE