| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4D384BD8.9080709@trash.net>
Date: Thu, 20 Jan 2011 15:51:04 +0100
From: Patrick McHardy <kaber@...sh.net>
To: Changli Gao <xiaosuo@...il.com>
CC: "David S. Miller" <davem@...emloft.net>,
netfilter-devel@...r.kernel.org, netdev@...r.kernel.org
Subject: Re: [PATCH resend] netfilter: place in source hash after SNAT is
done
Am 19.01.2011 01:03, schrieb Changli Gao:
> On Tue, Jan 18, 2011 at 10:17 PM, Patrick McHardy <kaber@...sh.net> wrote:
>>> net/ipv4/netfilter/nf_nat_core.c | 18 +++++++++++-------
>>> 1 file changed, 11 insertions(+), 7 deletions(-)
>>> diff --git a/net/ipv4/netfilter/nf_nat_core.c b/net/ipv4/netfilter/nf_nat_core.c
>>> index c04787c..51ce55a 100644
>>> --- a/net/ipv4/netfilter/nf_nat_core.c
>>> +++ b/net/ipv4/netfilter/nf_nat_core.c
>>> @@ -221,7 +221,14 @@ get_unique_tuple(struct nf_conntrack_tuple *tuple,
>>> manips not an issue. */
>>> if (maniptype == IP_NAT_MANIP_SRC &&
>>> !(range->flags & IP_NAT_RANGE_PROTO_RANDOM)) {
>>> - if (find_appropriate_src(net, zone, orig_tuple, tuple, range)) {
>>> + /* try the original tuple first */
>>
>> This doesn't seem to be related to the hashing change. Please describe
>> the intention behind this change.
>
> Currently, we add the ct at the head of the corresponding bucket of
> the source hash table after DNAT is done, so when we do SNAT, the
> original ct will be tried first. This change is used to keep this
> behavior.
Thanks for the explanation, applied.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists