AuxXxilium/linux_dsm_epyc7002
1
0
Fork 0
mirror of https://github.com/AuxXxilium/linux_dsm_epyc7002.git synced 2025-01-20 06:17:45 +07:00
Code Issues Actions Packages Projects Releases Wiki Activity
8c88f87cb2
linux_dsm_epyc7002/include
History
Pablo Neira Ayuso 8c88f87cb2 netfilter: nfnetlink_queue: add NAT TCP sequence adjustment if packet mangled 
User-space programs that receive traffic via NFQUEUE may mangle packets.
If NAT is enabled, this usually puzzles sequence tracking, leading to
traffic disruptions.

With this patch, nfnl_queue will make the corresponding NAT TCP sequence
adjustment if:

1) The packet has been mangled,
2) the NFQA_CFG_F_CONNTRACK flag has been set, and
3) NAT is detected.

There are some records on the Internet complaning about this issue:
http://stackoverflow.com/questions/260757/packet-mangling-utilities-besides-iptables

By now, we only support TCP since we have no helpers for DCCP or SCTP.
Better to add this if we ever have some helper over those layer 4 protocols.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2012-06-16 15:09:08 +02:00
..
acpi
asm-generic Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2012-06-01 10:34:35 -07:00
crypto
drm introduce SIZE_MAX 2012-05-31 17:49:26 -07:00
keys
linux netfilter: nfnetlink_queue: add NAT TCP sequence adjustment if packet mangled 2012-06-16 15:09:08 +02:00
math-emu
media
memory
misc
mtd
net netfilter: nfnetlink_queue: add NAT TCP sequence adjustment if packet mangled 2012-06-16 15:09:08 +02:00
pcmcia
rdma
rxrpc
scsi
sound
target
trace mm: vmscan: remove reclaim_mode_t 2012-05-29 16:22:19 -07:00
video fbdev updates for 3.5 2012-06-01 16:57:51 -07:00
xen
Kbuild