korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-11-20 10:44:23 +08:00
Code Issues Packages Projects Releases Wiki Activity
f87fb666bb
linux/net/ipv6
History
Jan Kasprzak f87fb666bb netfilter: nf_ct_icmp: keep the ICMP ct entries longer 
Current conntrack code kills the ICMP conntrack entry as soon as
the first reply is received. This is incorrect, as we then see only
the first ICMP echo reply out of several possible duplicates as
ESTABLISHED, while the rest will be INVALID. Also this unnecessarily
increases the conntrackd traffic on H-A firewalls.

Make all the ICMP conntrack entries (including the replied ones)
last for the default of nf_conntrack_icmp{,v6}_timeout seconds.

Signed-off-by: Jan "Yenya" Kasprzak <kas@fi.muni.cz>
Signed-off-by: Patrick McHardy <kaber@trash.net>
2009-06-08 15:53:43 +02:00
..
netfilter netfilter: nf_ct_icmp: keep the ICMP ct entries longer 2009-06-08 15:53:43 +02:00
addrconf_core.c [IPV6]: ipv6_addr_type() doesn't know about RFC4193 addresses. 2007-07-31 02:28:21 -07:00
addrconf.c addrconf: refuse isatap eui64 for INADDR_ANY 2009-05-19 16:02:02 -07:00
addrlabel.c net: replace %p6 with %pI6 2008-10-29 12:52:50 -07:00
af_inet6.c gro: Avoid unnecessary comparison after skb_gro_header 2009-05-27 03:26:01 -07:00
ah6.c netns xfrm: AH/ESP in netns! 2008-11-25 17:59:27 -08:00
anycast.c net: replace %#p6 format specifier with %pi6 2008-10-29 12:50:24 -07:00
datagram.c netns xfrm: lookup in netns 2008-11-25 17:35:18 -08:00
esp6.c netns xfrm: AH/ESP in netns! 2008-11-25 17:59:27 -08:00
exthdrs_core.c [NET] IPV6: Fix whitespace errors. 2007-02-10 23:19:42 -08:00
exthdrs.c net: replace %p6 with %pI6 2008-10-29 12:52:50 -07:00
fib6_rules.c net: Remove unused parameter from fill method in fib_rules_ops. 2009-05-20 17:26:23 -07:00
icmp.c net: fix xfrm reverse flow lookup for icmp6 2009-01-27 22:30:19 -08:00
inet6_connection_sock.c netns xfrm: lookup in netns 2008-11-25 17:35:18 -08:00
inet6_hashtables.c ipv6: don't use tw net when accounting for recycled tw 2009-02-26 03:35:13 -08:00
ip6_fib.c ipv6: Fix fib6_dump_table walker leak 2009-01-13 22:17:51 -08:00
ip6_flowlabel.c ipv6: Disallow rediculious flowlabel option sizes. 2009-02-06 00:49:55 -08:00
ip6_input.c snmp: add missing counters for RFC 4293 2009-04-27 02:45:02 -07:00
ip6_output.c snmp: add missing counters for RFC 4293 2009-04-27 02:45:02 -07:00
ip6_tunnel.c net: remove needless (now buggy) & from dev->dev_addr 2009-05-17 11:59:47 -07:00
ip6mr.c ipv6: compile fix for ip6mr.c 2009-01-31 00:51:49 -08:00
ipcomp6.c netns xfrm: state lookup in netns 2008-11-25 17:30:50 -08:00
ipv6_sockglue.c ipv6:remove useless check 2009-04-14 02:21:41 -07:00
Kconfig trivial: fix typos/grammar errors in Kconfig texts 2009-03-30 15:22:01 +02:00
Makefile [IPV6] MROUTE: Support multicast forwarding. 2008-04-05 22:33:38 +09:00
mcast.c snmp: add missing counters for RFC 4293 2009-04-27 02:45:02 -07:00
mip6.c netns xfrm: KM reporting in netns 2008-11-25 17:51:01 -08:00
ndisc.c sit: stateless autoconf for isatap 2009-05-19 16:02:02 -07:00
netfilter.c Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/kaber/nf-next-2.6 2008-11-28 02:19:15 -08:00
proc.c snmp: add missing counters for RFC 4293 2009-04-27 02:45:02 -07:00
protocol.c net: remove CVS keywords 2008-06-11 21:00:38 -07:00
raw.c snmp: add missing counters for RFC 4293 2009-04-27 02:45:02 -07:00
reassembly.c netns: oops in ip[6]_frag_reasm incrementing stats 2009-03-18 23:26:11 -07:00
route.c IPv6: set RTPROT_KERNEL to initial route 2009-05-20 17:38:59 -07:00
sit.c sit: stateless autoconf for isatap 2009-05-19 16:02:02 -07:00
syncookies.c syncookies: remove last_synq_overflow from struct tcp_sock 2009-04-20 02:25:26 -07:00
sysctl_net_ipv6.c remove lots of double-semicolons 2009-01-08 08:31:14 -08:00
tcp_ipv6.c tcp: Unexport TCPv6 GRO functions 2009-05-22 00:45:28 -07:00
tunnel6.c [IPV6] TUNNEL6: Fix incoming packet length check for inter-protocol tunnel. 2008-06-05 04:02:32 +09:00
udp_impl.h udp: introduce struct udp_table and multiple spinlocks 2008-10-29 01:41:45 -07:00
udp.c ipv6: Fix NULL pointer dereference with time-wait sockets 2009-04-11 01:53:06 -07:00
udplite.c udp: RCU handling for Unicast packets. 2008-10-29 02:11:14 -07:00
xfrm6_input.c netns xfrm: per-netns MIBs 2008-11-25 17:59:52 -08:00
xfrm6_mode_beet.c ipsec: Interfamily IPSec BEET, ipv4-inner ipv6-outer 2008-08-06 02:40:25 -07:00
xfrm6_mode_ro.c [IPSEC]: Make x->lastused an unsigned long 2008-01-28 14:53:52 -08:00
xfrm6_mode_transport.c [IPSEC]: Use IPv6 calling convention as the convention for x->mode->output 2007-10-10 16:55:54 -07:00
xfrm6_mode_tunnel.c [IPSEC]: Fix inter address family IPsec tunnel handling. 2008-03-24 14:51:51 -07:00
xfrm6_output.c xfrm: fix fragmentation on inter family tunnels 2009-04-06 17:07:59 -07:00
xfrm6_policy.c net: replace uses of __constant_{endian} 2009-02-01 00:45:17 -08:00
xfrm6_state.c ipv6: fix sparse warning: Using plain integer as NULL pointer 2009-02-21 23:37:10 -08:00
xfrm6_tunnel.c xfrm6_tunnel: join error paths using goto 2008-12-14 23:13:48 -08:00