p71924506
/
linux_old1
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
linux_old1/net
History
Pablo Neira Ayuso af9573be67 netfilter: nf_conntrack_bridge: register inet conntrack for bridge 
This patch enables IPv4 and IPv6 conntrack from the bridge to deal with
local traffic. Hence, packets that are passed up to the local input path
are confirmed later on from the {ipv4,ipv6}_confirm() hooks.

For packets leaving the IP stack (ie. output path), fragmentation occurs
after the inet postrouting hook. Therefore, the bridge local out and
postrouting bridge hooks see fragments with conntrack objects, which is
inconsistent. In this case, we could defragment again from the bridge
output hook, but this is expensive. The recommended filtering spot for
outgoing locally generated traffic leaving through the bridge interface
is to use the classic IPv4/IPv6 output hook, which comes earlier.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
 		2019-05-30 14:18:18 -07:00
..
6lowpan treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
9p treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
802 treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
8021q Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-05-22 08:28:16 -07:00
appletalk treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
atm treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
ax25 treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
batman-adv This feature/cleanup patchset includes the following patches: 2019-05-09 09:44:17 -07:00
bluetooth treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
bpf treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
bpfilter treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
bridge netfilter: nf_conntrack_bridge: add support for IPv6 2019-05-30 14:18:18 -07:00
caif SPDX update for 5.2-rc2, round 1 2019-05-21 12:33:38 -07:00
can treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
ceph treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
core flow_offload: use struct_size() in kzalloc() 2019-05-25 10:57:58 -07:00
dcb treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
dccp treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
decnet treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 24 2019-05-21 11:52:39 +02:00
dns_resolver treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
dsa net: dsa: Use PHYLINK for the CPU/DSA ports 2019-05-29 21:48:53 -07:00
ethernet treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
hsr treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
ieee802154 inet: frags: call inet_frags_fini() after unregister_pernet_subsys() 2019-05-28 17:22:15 -07:00
ife treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
ipv4 net: ipv4: place control buffer handling away from fragmentation iterators 2019-05-30 14:18:18 -07:00
ipv6 netfilter: nf_conntrack_bridge: add support for IPv6 2019-05-30 14:18:18 -07:00
iucv treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
kcm treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
key treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
l2tp treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
l3mdev treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
lapb treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
llc treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
mac80211 treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
mac802154 treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
mpls treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
ncsi treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
netfilter netfilter: nf_conntrack_bridge: register inet conntrack for bridge 2019-05-30 14:18:18 -07:00
netlabel treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 13 2019-05-21 11:28:45 +02:00
netlink SPDX update for 5.2-rc2, round 1 2019-05-21 12:33:38 -07:00
netrom treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
nfc treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 13 2019-05-21 11:28:45 +02:00
nsh treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
openvswitch treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
packet treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
phonet SPDX update for 5.2-rc2, round 1 2019-05-21 12:33:38 -07:00
psample treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
qrtr Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-05-22 08:28:16 -07:00
rds treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
rfkill treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 13 2019-05-21 11:28:45 +02:00
rose treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
rxrpc treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
sched net: sched: Introduce act_ctinfo action 2019-05-29 21:43:54 -07:00
sctp treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
smc treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
strparser treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
sunrpc treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
switchdev treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
tipc Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-05-22 08:28:16 -07:00
tls treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
unix net: Add UNIX_DIAG_UID to Netlink UNIX socket diagnostics. 2019-05-22 10:36:35 -07:00
vmw_vsock hv_sock: perf: loop in send() to maximize bandwidth 2019-05-22 18:00:36 -07:00
wimax treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
wireless treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
x25 treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
xdp treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
xfrm SPDX update for 5.2-rc2, round 1 2019-05-21 12:33:38 -07:00
Kconfig treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
Makefile net: split out functions related to registering inflight socket files 2019-02-28 08:24:23 -07:00
compat.c treewide: Add SPDX license identifier for missed files 2019-05-21 10:50:45 +02:00
socket.c net: fix kernel-doc warnings for socket.c 2019-05-19 10:33:22 -07:00
sysctl_net.c treewide: Add SPDX license identifier for missed files 2019-05-21 10:50:45 +02:00