1. 25 Apr, 2005 1 commit
    • Patrick McHardy's avatar
      [NETFILTER]: Fix NAT sequence number adjustment · e281e3ac
      Patrick McHardy authored
      The NAT changes in 2.6.11 changed the position where helpers
      are called and perform packet mangling. Before 2.6.11, a NAT
      helper was called before the packet was NATed and had its
      sequence number adjusted. Since 2.6.11, the helpers get packets
      with already adjusted sequence numbers.
      
      This breaks sequence number adjustment, adjust_tcp_sequence()
      needs the original sequence number to determine whether
      a packet was a retransmission and to store it for further
      corrections. It can't be reconstructed without more information
      than available, so this patch restores the old order by
      calling helpers from a new conntrack hook two priorities
      below ip_conntrack_confirm() and adjusting the sequence number
      from a new NAT hook one priority below ip_conntrack_confirm().
      
      Tracked down by Phil Oester <kernel@linuxace.com>
      Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      e281e3ac
  2. 24 Apr, 2005 13 commits
  3. 22 Apr, 2005 26 commits