Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
tjh.dev
kernel
os
linux
Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
+6
-2
net/ipv4/fib_frontend.c
+6
-2
net/ipv4/fib_frontend.c
···
544
544
struct sk_buff *skb = NULL;
545
545
struct nlmsghdr *nlh = NULL;
546
546
struct fib_result_nl *frn;
547
-
int err;
548
547
u32 pid;
549
548
struct fib_table *tb;
550
549
551
-
skb = skb_recv_datagram(sk, 0, 0, &err);
550
+
skb = skb_dequeue(&sk->sk_receive_queue);
552
551
nlh = (struct nlmsghdr *)skb->data;
552
+
if (skb->len < NLMSG_SPACE(0) || skb->len < nlh->nlmsg_len ||
553
+
nlh->nlmsg_len < NLMSG_LENGTH(sizeof(*frn))) {
554
+
kfree_skb(skb);
555
+
return;
556
+
}
553
557
554
558
frn = (struct fib_result_nl *) NLMSG_DATA(nlh);
555
559
tb = fib_get_table(frn->tb_id_in);
+20
-9
net/ipv4/netfilter/ip_conntrack_proto_tcp.c
+20
-9
net/ipv4/netfilter/ip_conntrack_proto_tcp.c
···
272
272
* sCL -> sCL
273
273
*/
274
274
/* sNO, sSS, sSR, sES, sFW, sCW, sLA, sTW, sCL, sLI */
275
-
/*ack*/ { sIV, sIV, sSR, sES, sCW, sCW, sTW, sTW, sCL, sIV },
275
+
/*ack*/ { sIV, sIG, sSR, sES, sCW, sCW, sTW, sTW, sCL, sIV },
276
276
/*
277
-
* sSS -> sIV Might be a half-open connection.
277
+
* sSS -> sIG Might be a half-open connection.
278
278
* sSR -> sSR Might answer late resent SYN.
279
279
* sES -> sES :-)
280
280
* sFW -> sCW Normal close request answered by ACK.
···
917
917
918
918
switch (new_state) {
919
919
case TCP_CONNTRACK_IGNORE:
920
-
/* Either SYN in ORIGINAL
921
-
* or SYN/ACK in REPLY. */
920
+
/* Ignored packets:
921
+
*
922
+
* a) SYN in ORIGINAL
923
+
* b) SYN/ACK in REPLY
924
+
* c) ACK in reply direction after initial SYN in original.
925
+
*/
922
926
if (index == TCP_SYNACK_SET
923
927
&& conntrack->proto.tcp.last_index == TCP_SYN_SET
924
928
&& conntrack->proto.tcp.last_dir != dir
···
989
985
}
990
986
case TCP_CONNTRACK_CLOSE:
991
987
if (index == TCP_RST_SET
992
-
&& test_bit(IPS_SEEN_REPLY_BIT, &conntrack->status)
993
-
&& conntrack->proto.tcp.last_index == TCP_SYN_SET
988
+
&& ((test_bit(IPS_SEEN_REPLY_BIT, &conntrack->status)
989
+
&& conntrack->proto.tcp.last_index == TCP_SYN_SET)
990
+
|| (!test_bit(IPS_ASSURED_BIT, &conntrack->status)
991
+
&& conntrack->proto.tcp.last_index == TCP_ACK_SET))
994
992
&& ntohl(th->ack_seq) == conntrack->proto.tcp.last_end) {
995
-
/* RST sent to invalid SYN we had let trough
996
-
* SYN was in window then, tear down connection.
993
+
/* RST sent to invalid SYN or ACK we had let trough
994
+
* at a) and c) above:
995
+
*
996
+
* a) SYN was in window then
997
+
* c) we hold a half-open connection.
998
+
*
999
+
* Delete our connection entry.
997
1000
* We skip window checking, because packet might ACK
998
-
* segments we ignored in the SYN. */
1001
+
* segments we ignored. */
999
1002
goto in_window;
1000
1003
}
1001
1004
/* Just fall trough */
+1
net/ipv4/netfilter/ipt_recent.c
+1
net/ipv4/netfilter/ipt_recent.c
···
532
532
}
533
533
if(info->seconds && info->hit_count) {
534
534
for(pkt_count = 0, hits_found = 0; pkt_count < ip_pkt_list_tot; pkt_count++) {
535
+
if(r_list[location].last_pkts[pkt_count] == 0) break;
535
536
if(time_before_eq(now,r_list[location].last_pkts[pkt_count]+info->seconds*HZ)) hits_found++;
536
537
}
537
538
if(hits_found >= info->hit_count) ans = !info->invert; else ans = info->invert;
+20
-9
net/netfilter/nf_conntrack_proto_tcp.c
+20
-9
net/netfilter/nf_conntrack_proto_tcp.c
···
280
280
* sCL -> sCL
281
281
*/
282
282
/* sNO, sSS, sSR, sES, sFW, sCW, sLA, sTW, sCL, sLI */
283
-
/*ack*/ { sIV, sIV, sSR, sES, sCW, sCW, sTW, sTW, sCL, sIV },
283
+
/*ack*/ { sIV, sIG, sSR, sES, sCW, sCW, sTW, sTW, sCL, sIV },
284
284
/*
285
-
* sSS -> sIV Might be a half-open connection.
285
+
* sSS -> sIG Might be a half-open connection.
286
286
* sSR -> sSR Might answer late resent SYN.
287
287
* sES -> sES :-)
288
288
* sFW -> sCW Normal close request answered by ACK.
···
912
912
913
913
switch (new_state) {
914
914
case TCP_CONNTRACK_IGNORE:
915
-
/* Either SYN in ORIGINAL
916
-
* or SYN/ACK in REPLY. */
915
+
/* Ignored packets:
916
+
*
917
+
* a) SYN in ORIGINAL
918
+
* b) SYN/ACK in REPLY
919
+
* c) ACK in reply direction after initial SYN in original.
920
+
*/
917
921
if (index == TCP_SYNACK_SET
918
922
&& conntrack->proto.tcp.last_index == TCP_SYN_SET
919
923
&& conntrack->proto.tcp.last_dir != dir
···
983
979
}
984
980
case TCP_CONNTRACK_CLOSE:
985
981
if (index == TCP_RST_SET
986
-
&& test_bit(IPS_SEEN_REPLY_BIT, &conntrack->status)
987
-
&& conntrack->proto.tcp.last_index == TCP_SYN_SET
982
+
&& ((test_bit(IPS_SEEN_REPLY_BIT, &conntrack->status)
983
+
&& conntrack->proto.tcp.last_index == TCP_SYN_SET)
984
+
|| (!test_bit(IPS_ASSURED_BIT, &conntrack->status)
985
+
&& conntrack->proto.tcp.last_index == TCP_ACK_SET))
988
986
&& ntohl(th->ack_seq) == conntrack->proto.tcp.last_end) {
989
-
/* RST sent to invalid SYN we had let trough
990
-
* SYN was in window then, tear down connection.
987
+
/* RST sent to invalid SYN or ACK we had let trough
988
+
* at a) and c) above:
989
+
*
990
+
* a) SYN was in window then
991
+
* c) we hold a half-open connection.
992
+
*
993
+
* Delete our connection entry.
991
994
* We skip window checking, because packet might ACK
992
-
* segments we ignored in the SYN. */
995
+
* segments we ignored. */
993
996
goto in_window;
994
997
}
995
998
/* Just fall trough */