]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(merge: 5e88240 807e528)
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf
authorJakub Kicinski <kuba@kernel.org>
Fri, 4 Feb 2022 16:47:41 +0000 (08:47 -0800)
committerJakub Kicinski <kuba@kernel.org>
Fri, 4 Feb 2022 16:47:42 +0000 (08:47 -0800)
commit71e243fedea35dd8c18127aa9bbcd71af1783cd4
treeb41bad7e88f0e835428128d42f974631a0eceaa4tree | snapshot
parent5e88240cfd4e6b1b08d6bef64854fb435ece1e52commit | diff
parent807e52815636f79b0afde58d5097bc698739a351commit | diff
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf

Pablo Neira Ayuso says:

====================
Netfilter fixes for net

1) Don't refresh timeout for SCTP flows in CLOSED state.

2) Don't allow access to transport header if fragment offset is set on.

3) Reinitialize internal conntrack state for retransmitted TCP
   syn-ack packet.

4) Update MAINTAINER file to add the Netfilter group tree. Moving
   forward, Florian Westphal has access to this tree so he can also
   send pull requests.

5) Set on IPS_HELPER for entries created via ctnetlink, otherwise NAT
   might zap it.

All patches from Florian Westphal.

* git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf:
  netfilter: ctnetlink: disable helper autoassign
  MAINTAINERS: netfilter: update git links
  netfilter: conntrack: re-init state for retransmitted syn-ack
  netfilter: conntrack: move synack init code to helper
  netfilter: nft_payload: don't allow th access for fragments
  netfilter: conntrack: don't refresh sctp entries in closed state
====================

Link: https://lore.kernel.org/r/20220204151903.320786-1-pablo@netfilter.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Linux Kernel Source Tree.