git.baikalelectronics.ru Git - kernel.git/commit

]> git.baikalelectronics.ru Git - kernel.git/commit

author	Stephen Hemminger <shemminger@vyatta.com>
	Tue, 19 Aug 2008 04:32:32 +0000 (21:32 -0700)
committer	David S. Miller <davem@davemloft.net>
	Tue, 19 Aug 2008 04:32:32 +0000 (21:32 -0700)
commit	c6ee389ef6d577676ef08f4d9756fbea4b71655c
tree	1e71181cc80da8dc3d6e1da202943482b9eb5500	tree \| snapshot
parent	e26aac7ea0848e6cb6db5f2e00141d3d7d5a2185	commit \| diff

nf_nat: use secure_ipv4_port_ephemeral() for NAT port randomization

Use incoming network tuple as seed for NAT port randomization.
This avoids concerns of leaking net_random() bits, and also gives better
port distribution. Don't have NAT server, compile tested only.

Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>
[ added missing EXPORT_SYMBOL_GPL ]

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>

drivers/char/random.c		diff \| blob \| history
net/ipv4/netfilter/nf_nat_proto_common.c		diff \| blob \| history

Linux Kernel Source Tree.

RSS Atom