Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6

+47 -20
+6 -2
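--- a/net/ipv4/fib_frontend.c
+++ b/net/ipv4/fib_frontend.c
@@ -544,12 +544,16 @@
 struct sk_buff *skb = NULL;
 struct nlmsghdr *nlh = NULL;
 struct fib_result_nl *frn;
-int err;
 u32 pid;
 struct fib_table *tb;
 
-skb = skb_recv_datagram(sk, 0, 0, &err);
+skb = skb_dequeue(&sk->sk_receive_queue);
 nlh = (struct nlmsghdr *)skb->data;
+if (skb->len < NLMSG_SPACE(0) || skb->len < nlh->nlmsg_len ||
+nlh->nlmsg_len < NLMSG_LENGTH(sizeof(*frn))) {
+kfree_skb(skb);
+return;
+}
 
 frn = (struct fib_result_nl *) NLMSG_DATA(nlh);
 tb = fib_get_table(frn->tb_id_in);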
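Review bot: `skb_dequeue()` returns NULL when `sk->sk_receive_queue` is empty, and the very next line reads `skb->data`, followed by `skb->len` in the new length check, so an empty queue would be a NULL dereference in kernel context. The old `skb_recv_datagram()` call had the same gap, but since this change hardens the handler against malformed netlink messages it is worth closing here too with `if (skb == NULL) return;` directly after the dequeue. The short-circuit order of the new test is right: `nlh->nlmsg_len` is only read once `skb->len` covers a header. The function's signature and tail are outside the hunk, so whether a caller already guarantees a queued skb cannot be seen from here.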
+20 -9
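--- a/net/ipv4/netfilter/ip_conntrack_proto_tcp.c
+++ b/net/ipv4/netfilter/ip_conntrack_proto_tcp.c
@@ -272,9 +272,9 @@
 * sCL -> sCL
 */
 /* sNO, sSS, sSR, sES, sFW, sCW, sLA, sTW, sCL, sLI */
-/*ack*/ { sIV, sIV, sSR, sES, sCW, sCW, sTW, sTW, sCL, sIV },
+/*ack*/ { sIV, sIG, sSR, sES, sCW, sCW, sTW, sTW, sCL, sIV },
 /*
-* sSS -> sIV Might be a half-open connection.
+* sSS -> sIG Might be a half-open connection.
 * sSR -> sSR Might answer late resent SYN.
 * sES -> sES :-)
 * sFW -> sCW Normal close request answered by ACK.
@@ -917,8 +917,12 @@
 
 switch (new_state) {
 case TCP_CONNTRACK_IGNORE:
-/* Either SYN in ORIGINAL
-* or SYN/ACK in REPLY. */
+/* Ignored packets:
+*
+* a) SYN in ORIGINAL
+* b) SYN/ACK in REPLY
+* c) ACK in reply direction after initial SYN in original.
+*/
 if (index == TCP_SYNACK_SET
 && conntrack->proto.tcp.last_index == TCP_SYN_SET
 && conntrack->proto.tcp.last_dir != dir
@@ -989,13 +985,20 @@
 }
 case TCP_CONNTRACK_CLOSE:
 if (index == TCP_RST_SET
-&& test_bit(IPS_SEEN_REPLY_BIT, &conntrack->status)
-&& conntrack->proto.tcp.last_index == TCP_SYN_SET
+&& ((test_bit(IPS_SEEN_REPLY_BIT, &conntrack->status)
+&& conntrack->proto.tcp.last_index == TCP_SYN_SET)
+|| (!test_bit(IPS_ASSURED_BIT, &conntrack->status)
+&& conntrack->proto.tcp.last_index == TCP_ACK_SET))
 && ntohl(th->ack_seq) == conntrack->proto.tcp.last_end) {
-/* RST sent to invalid SYN we had let trough
-* SYN was in window then, tear down connection.
+/* RST sent to invalid SYN or ACK we had let trough
+* at a) and c) above:
+*
+* a) SYN was in window then
+* c) we hold a half-open connection.
+*
+* Delete our connection entry.
 * We skip window checking, because packet might ACK
-* segments we ignored in the SYN. */
+* segments we ignored. */
 goto in_window;
 }
 /* Just fall trough */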
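Review bot: In the `TCP_CONNTRACK_CLOSE` case the new `!test_bit(IPS_ASSURED_BIT, &conntrack->status) && conntrack->proto.tcp.last_index == TCP_ACK_SET` branch jumps to `in_window` on the strength of `ntohl(th->ack_seq) == conntrack->proto.tcp.last_end` alone, and nothing visible here requires the RST to travel in the direction opposite to the ignored packet. The `TCP_CONNTRACK_IGNORE` branch above does test `conntrack->proto.tcp.last_dir != dir`; if the same expectation holds for the teardown, adding `&& conntrack->proto.tcp.last_dir != dir` to the RST condition would keep the window-check bypass limited to genuine replies. At minimum the comment should state that this equality is the only validation on that path and where `last_end` is recorded for case c), which happens outside the hunk. The identical change in net/netfilter/nf_conntrack_proto_tcp.c carries the same question.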
+1
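--- a/net/ipv4/netfilter/ipt_recent.c
+++ b/net/ipv4/netfilter/ipt_recent.c
@@ -532,6 +532,7 @@
 }
 if(info->seconds && info->hit_count) {
 for(pkt_count = 0, hits_found = 0; pkt_count < ip_pkt_list_tot; pkt_count++) {
+if(r_list[location].last_pkts[pkt_count] == 0) break;
 if(time_before_eq(now,r_list[location].last_pkts[pkt_count]+info->seconds*HZ)) hits_found++;
 }
 if(hits_found >= info->hit_count) ans = !info->invert; else ans = info->invert;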
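Review bot: The added `if(r_list[location].last_pkts[pkt_count] == 0) break;` uses 0 as the unused-slot marker, but 0 is also a value jiffies can take when it wraps, so a packet stamped at exactly that tick ends the count early and `hits_found` comes out low, which for a rate-limiting match means the rule fires later than configured. `break` also assumes used slots are contiguous from index 0; if `last_pkts` is written as a ring (not visible in this hunk), `continue` would be the safer form. A comment such as `/* 0 = slot never used; entries are filled in order, so stop here */` would record the assumption, or the invariant could be made explicit by never storing 0 as a timestamp. The enclosing function starts and ends outside the hunk.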
+20 -9
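--- a/net/netfilter/nf_conntrack_proto_tcp.c
+++ b/net/netfilter/nf_conntrack_proto_tcp.c
@@ -280,9 +280,9 @@
 * sCL -> sCL
 */
 /* sNO, sSS, sSR, sES, sFW, sCW, sLA, sTW, sCL, sLI */
-/*ack*/ { sIV, sIV, sSR, sES, sCW, sCW, sTW, sTW, sCL, sIV },
+/*ack*/ { sIV, sIG, sSR, sES, sCW, sCW, sTW, sTW, sCL, sIV },
 /*
-* sSS -> sIV Might be a half-open connection.
+* sSS -> sIG Might be a half-open connection.
 * sSR -> sSR Might answer late resent SYN.
 * sES -> sES :-)
 * sFW -> sCW Normal close request answered by ACK.
@@ -912,8 +912,12 @@
 
 switch (new_state) {
 case TCP_CONNTRACK_IGNORE:
-/* Either SYN in ORIGINAL
-* or SYN/ACK in REPLY. */
+/* Ignored packets:
+*
+* a) SYN in ORIGINAL
+* b) SYN/ACK in REPLY
+* c) ACK in reply direction after initial SYN in original.
+*/
 if (index == TCP_SYNACK_SET
 && conntrack->proto.tcp.last_index == TCP_SYN_SET
 && conntrack->proto.tcp.last_dir != dir
@@ -983,13 +979,20 @@
 }
 case TCP_CONNTRACK_CLOSE:
 if (index == TCP_RST_SET
-&& test_bit(IPS_SEEN_REPLY_BIT, &conntrack->status)
-&& conntrack->proto.tcp.last_index == TCP_SYN_SET
+&& ((test_bit(IPS_SEEN_REPLY_BIT, &conntrack->status)
+&& conntrack->proto.tcp.last_index == TCP_SYN_SET)
+|| (!test_bit(IPS_ASSURED_BIT, &conntrack->status)
+&& conntrack->proto.tcp.last_index == TCP_ACK_SET))
 && ntohl(th->ack_seq) == conntrack->proto.tcp.last_end) {
-/* RST sent to invalid SYN we had let trough
-* SYN was in window then, tear down connection.
+/* RST sent to invalid SYN or ACK we had let trough
+* at a) and c) above:
+*
+* a) SYN was in window then
+* c) we hold a half-open connection.
+*
+* Delete our connection entry.
 * We skip window checking, because packet might ACK
-* segments we ignored in the SYN. */
+* segments we ignored. */
 goto in_window;
 }
 /* Just fall trough */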