| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <49104FE7.7070509@trash.net> Date: Tue, 04 Nov 2008 14:36:39 +0100 From: Patrick McHardy <kaber@...sh.net> To: Simon Arlott <simon@...ott.org> CC: netdev <netdev@...r.kernel.org>, kadlec@...ckhole.kfki.hu, netfilter-devel@...r.kernel.org Subject: Re: [PATCH] netfilter: Remove warn_if_extra_mangle Simon Arlott wrote: > In net/ipv4/netfilter/nf_nat_rule.c, the function warn_if_extra_mangle was added > in commit 5b1158e909ecbe1a052203e0d8df15633f829930 (2006-12-02). I have a DNAT > target in the OUTPUT chain than changes connections with dst 2.0.0.1 to another > address which I'll substitute with 66.102.9.99 below. > > On every boot I get the following message: > [ 146.252505] NAT: no longer support implicit source local NAT > [ 146.252517] NAT: packet src 66.102.9.99 -> dst 2.0.0.1 > > As far as I can tell from reading the function doing this, it should warn if the > source IP for the route to 66.102.9.99 is different from 2.0.0.1 but that is not > the case. It doesn't make sense to check the DNAT target against the local route > source. > > Either the function should be changed to correctly check the route, or it should > be removed entirely as it's been nearly 2 years since it was added. Removing it sounds fine to me. Applied, thanks. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists