]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 3260b7a) | patch
netfilter: nft_payload: do not update layer 4 checksum when mangling fragments
authorPablo Neira Ayuso <pablo@netfilter.org>
Wed, 5 Jan 2022 15:09:57 +0000 (16:09 +0100)
committerPablo Neira Ayuso <pablo@netfilter.org>
Thu, 6 Jan 2022 09:43:23 +0000 (10:43 +0100)
commit30e1740ed1d60a306a643f82de04c1754bf3b477
treec79eb1919de9ee6c97544aae1e9e6224f845ed0ftree | snapshot
parent3260b7adec3a122e6c7d6f459489b4cab239d77ecommit | diff
netfilter: nft_payload: do not update layer 4 checksum when mangling fragments

IP fragments do not come with the transport header, hence skip bogus
layer 4 checksum updates.

Fixes: 027bee253306 ("netfilter: nft_payload: layer 4 checksum adjustment for pseudoheader fields")
Reported-and-tested-by: Steffen Weinreich <steve@weinreich.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/netfilter/nft_payload.c diff | blob | history
Linux Kernel Source Tree.