From: Pablo Neira Ayuso <pablo@netfilter.org>
To: netfilter-devel@vger.kernel.org
Cc: davem@davemloft.net, netdev@vger.kernel.org
Subject: [PATCH 0/5] Netfilter fixes for net
Date: Mon, 10 Aug 2015 19:58:34 +0200 [thread overview]
Message-ID: <1439229519-7640-1-git-send-email-pablo@netfilter.org> (raw)
Hi David,
The following patchset contains five Netfilter fixes for your net tree,
they are:
1) Silence a warning on falling back to vmalloc(). Since 88eab472ec21, we can
easily hit this warning message, that gets users confused. So let's get rid
of it.
2) Recently when porting the template object allocation on top of kmalloc to
fix the netns dependencies between x_tables and conntrack, the error
checks where left unchanged. Remove IS_ERR() and check for NULL instead.
Patch from Dan Carpenter.
3) Don't ignore gfp_flags in the new nf_ct_tmpl_alloc() function, from
Joe Stringer.
4) Fix a crash due to NULL pointer dereference in ip6t_SYNPROXY, patch from
Phil Sutter.
5) The sequence number of the Syn+ack that is sent from SYNPROXY to clients is
not adjusted through our NAT infrastructure, as a result the client may
ignore this TCP packet and TCP flow hangs until the client probes us. Also
from Phil Sutter.
You can pull these changes from:
git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf.git
Thanks!
----------------------------------------------------------------
The following changes since commit 15f1bb1f1e067be7088ed43ef23d59629bd24348:
qlcnic: Fix corruption while copying (2015-07-29 23:57:26 -0700)
are available in the git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf.git master
for you to fetch changes up to 3c16241c445303a90529565e7437e1f240acfef2:
netfilter: SYNPROXY: fix sending window update to client (2015-08-10 13:55:07 +0200)
----------------------------------------------------------------
Dan Carpenter (1):
netfilter: nf_conntrack: checking for IS_ERR() instead of NULL
Joe Stringer (1):
netfilter: conntrack: Use flags in nf_ct_tmpl_alloc()
Pablo Neira Ayuso (1):
netfilter: nf_conntrack: silence warning on falling back to vmalloc()
Phil Sutter (2):
netfilter: ip6t_SYNPROXY: fix NULL pointer dereference
netfilter: SYNPROXY: fix sending window update to client
net/ipv4/netfilter/ipt_SYNPROXY.c | 3 ++-
net/ipv6/netfilter/ip6t_SYNPROXY.c | 19 +++++++++++--------
net/netfilter/nf_conntrack_core.c | 8 +++-----
net/netfilter/nf_synproxy_core.c | 4 +---
net/netfilter/xt_CT.c | 5 +++--
5 files changed, 20 insertions(+), 19 deletions(-)
next reply other threads:[~2015-08-10 17:53 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-08-10 17:58 Pablo Neira Ayuso [this message]
2015-08-10 17:58 ` [PATCH 1/5] netfilter: nf_conntrack: silence warning on falling back to vmalloc() Pablo Neira Ayuso
2015-08-10 17:58 ` [PATCH 2/5] netfilter: nf_conntrack: checking for IS_ERR() instead of NULL Pablo Neira Ayuso
2015-08-10 17:58 ` [PATCH 3/5] netfilter: conntrack: Use flags in nf_ct_tmpl_alloc() Pablo Neira Ayuso
2015-08-10 17:58 ` [PATCH 4/5] netfilter: ip6t_SYNPROXY: fix NULL pointer dereference Pablo Neira Ayuso
2015-08-10 17:58 ` [PATCH 5/5] netfilter: SYNPROXY: fix sending window update to client Pablo Neira Ayuso
2015-08-11 4:08 ` [PATCH 0/5] Netfilter fixes for net David Miller
2017-07-18 10:13 Pablo Neira Ayuso
2017-07-18 19:03 ` David Miller
2017-07-18 21:11 ` Florian Westphal
2017-07-18 21:54 ` David Miller
2017-08-24 14:43 Pablo Neira Ayuso
2017-08-24 18:49 ` David Miller
2018-12-13 1:06 Pablo Neira Ayuso
2018-12-13 5:37 ` David Miller
2019-03-11 22:50 Pablo Neira Ayuso
2019-03-11 23:14 ` David Miller
2019-08-19 18:49 Pablo Neira Ayuso
2019-08-19 20:16 ` David Miller
2019-08-30 12:06 Pablo Neira Ayuso
2019-08-31 0:52 ` David Miller
2019-09-04 19:36 Pablo Neira Ayuso
2019-09-04 22:04 ` David Miller
2019-09-25 20:29 Pablo Neira Ayuso
2019-09-27 18:16 ` David Miller
2020-05-25 21:54 Pablo Neira Ayuso
2020-05-26 1:29 ` David Miller
2020-05-26 20:10 ` Pablo Neira Ayuso
2020-05-26 23:08 ` David Miller
2020-08-04 20:02 Pablo Neira Ayuso
2020-08-04 20:32 ` David Miller
2020-09-08 15:09 Pablo Neira Ayuso
2020-09-09 3:08 ` David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1439229519-7640-1-git-send-email-pablo@netfilter.org \
--to=pablo@netfilter.org \
--cc=davem@davemloft.net \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).