adulau/aha
1
0
Fork 0
mirror of https://github.com/adulau/aha.git synced 2025-01-05 15:43:22 +00:00
Code Issues Projects Releases Packages Wiki Activity
aha/net/ipv6
History
Jan Kasprzak f87fb666bb netfilter: nf_ct_icmp: keep the ICMP ct entries longer 
Current conntrack code kills the ICMP conntrack entry as soon as
the first reply is received. This is incorrect, as we then see only
the first ICMP echo reply out of several possible duplicates as
ESTABLISHED, while the rest will be INVALID. Also this unnecessarily
increases the conntrackd traffic on H-A firewalls.

Make all the ICMP conntrack entries (including the replied ones)
last for the default of nf_conntrack_icmp{,v6}_timeout seconds.

Signed-off-by: Jan "Yenya" Kasprzak <kas@fi.muni.cz>
Signed-off-by: Patrick McHardy <kaber@trash.net>
2009-06-08 15:53:43 +02:00
..
netfilter netfilter: nf_ct_icmp: keep the ICMP ct entries longer 2009-06-08 15:53:43 +02:00
addrconf.c addrconf: refuse isatap eui64 for INADDR_ANY 2009-05-19 16:02:02 -07:00
addrconf_core.c
addrlabel.c
af_inet6.c gro: Avoid unnecessary comparison after skb_gro_header 2009-05-27 03:26:01 -07:00
ah6.c netns xfrm: AH/ESP in netns! 2008-11-25 17:59:27 -08:00
anycast.c
datagram.c netns xfrm: lookup in netns 2008-11-25 17:35:18 -08:00
esp6.c netns xfrm: AH/ESP in netns! 2008-11-25 17:59:27 -08:00
exthdrs.c
exthdrs_core.c
fib6_rules.c net: Remove unused parameter from fill method in fib_rules_ops. 2009-05-20 17:26:23 -07:00
icmp.c net: fix xfrm reverse flow lookup for icmp6 2009-01-27 22:30:19 -08:00
inet6_connection_sock.c netns xfrm: lookup in netns 2008-11-25 17:35:18 -08:00
inet6_hashtables.c ipv6: don't use tw net when accounting for recycled tw 2009-02-26 03:35:13 -08:00
ip6_fib.c ipv6: Fix fib6_dump_table walker leak 2009-01-13 22:17:51 -08:00
ip6_flowlabel.c ipv6: Disallow rediculious flowlabel option sizes. 2009-02-06 00:49:55 -08:00
ip6_input.c snmp: add missing counters for RFC 4293 2009-04-27 02:45:02 -07:00
ip6_output.c snmp: add missing counters for RFC 4293 2009-04-27 02:45:02 -07:00
ip6_tunnel.c net: remove needless (now buggy) & from dev->dev_addr 2009-05-17 11:59:47 -07:00
ip6mr.c ipv6: compile fix for ip6mr.c 2009-01-31 00:51:49 -08:00
ipcomp6.c netns xfrm: state lookup in netns 2008-11-25 17:30:50 -08:00
ipv6_sockglue.c ipv6:remove useless check 2009-04-14 02:21:41 -07:00
Kconfig trivial: fix typos/grammar errors in Kconfig texts 2009-03-30 15:22:01 +02:00
Makefile
mcast.c snmp: add missing counters for RFC 4293 2009-04-27 02:45:02 -07:00
mip6.c netns xfrm: KM reporting in netns 2008-11-25 17:51:01 -08:00
ndisc.c sit: stateless autoconf for isatap 2009-05-19 16:02:02 -07:00
netfilter.c Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/kaber/nf-next-2.6 2008-11-28 02:19:15 -08:00
proc.c snmp: add missing counters for RFC 4293 2009-04-27 02:45:02 -07:00
protocol.c
raw.c snmp: add missing counters for RFC 4293 2009-04-27 02:45:02 -07:00
reassembly.c netns: oops in ip[6]_frag_reasm incrementing stats 2009-03-18 23:26:11 -07:00
route.c IPv6: set RTPROT_KERNEL to initial route 2009-05-20 17:38:59 -07:00
sit.c sit: stateless autoconf for isatap 2009-05-19 16:02:02 -07:00
syncookies.c syncookies: remove last_synq_overflow from struct tcp_sock 2009-04-20 02:25:26 -07:00
sysctl_net_ipv6.c remove lots of double-semicolons 2009-01-08 08:31:14 -08:00
tcp_ipv6.c tcp: Unexport TCPv6 GRO functions 2009-05-22 00:45:28 -07:00
tunnel6.c
udp.c ipv6: Fix NULL pointer dereference with time-wait sockets 2009-04-11 01:53:06 -07:00
udp_impl.h
udplite.c
xfrm6_input.c netns xfrm: per-netns MIBs 2008-11-25 17:59:52 -08:00
xfrm6_mode_beet.c
xfrm6_mode_ro.c
xfrm6_mode_transport.c
xfrm6_mode_tunnel.c
xfrm6_output.c xfrm: fix fragmentation on inter family tunnels 2009-04-06 17:07:59 -07:00
xfrm6_policy.c net: replace uses of __constant_{endian} 2009-02-01 00:45:17 -08:00
xfrm6_state.c ipv6: fix sparse warning: Using plain integer as NULL pointer 2009-02-21 23:37:10 -08:00
xfrm6_tunnel.c xfrm6_tunnel: join error paths using goto 2008-12-14 23:13:48 -08:00