]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 62f5498) | patch
netfilter: ctnetlink: synproxy support
authorPablo Neira Ayuso <pablo@netfilter.org>
Tue, 20 Mar 2018 11:33:51 +0000 (12:33 +0100)
committerPablo Neira Ayuso <pablo@netfilter.org>
Tue, 20 Mar 2018 13:39:31 +0000 (14:39 +0100)
commitb0eaeea13bc0b500c15778bf1057df06e9c3cfa4
tree5c30b92f59ca013c86a87f55fd4c01eb71cf1cfdtree | snapshot
parent62f549861f51cb3516a3b10bd6f9ceb9dd711360commit | diff
netfilter: ctnetlink: synproxy support

This patch exposes synproxy information per-conntrack. Moreover, send
sequence adjustment events once server sends us the SYN,ACK packet, so
we can synchronize the sequence adjustment too for packets going as
reply from the server, as part of the synproxy logic.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
include/uapi/linux/netfilter/nf_conntrack_common.h diff | blob | history
include/uapi/linux/netfilter/nfnetlink_conntrack.h diff | blob | history
net/ipv4/netfilter/ipt_SYNPROXY.c diff | blob | history
net/ipv6/netfilter/ip6t_SYNPROXY.c diff | blob | history
net/netfilter/nf_conntrack_netlink.c diff | blob | history
Linux Kernel Source Tree.