Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf
Pablo Neira Ayuso says:
====================
Netfilter fixes for net
The following patchset contains Netfilter fixes for net:
1) br_netfilter drops IPv6 packets if ipv6 is disabled, from Leonardo Bras.
2) nft_socket hits BUG() due to illegal skb->sk caching, patch from
Fernando Fernandez Mancera.
3) nft_fib_netdev could be called with ipv6 disabled, leading to crash
in the fib lookup, also from Leonardo.
4) ctnetlink honors IPS_OFFLOAD flag, just like nf_conntrack sysctl does.
5) Properly set up flowtable entry timeout, otherwise immediate
removal by garbage collector might occur.
====================
Signed-off-by: 
David S. Miller <davem@davemloft.net>
No related branches found
No related tags found
Showing
- net/bridge/br_netfilter_hooks.c 4 additions, 0 deletionsnet/bridge/br_netfilter_hooks.c
- net/netfilter/nf_conntrack_netlink.c 5 additions, 2 deletionsnet/netfilter/nf_conntrack_netlink.c
- net/netfilter/nf_flow_table_core.c 1 addition, 1 deletionnet/netfilter/nf_flow_table_core.c
- net/netfilter/nft_fib_netdev.c 3 additions, 0 deletionsnet/netfilter/nft_fib_netdev.c
- net/netfilter/nft_socket.c 3 additions, 3 deletionsnet/netfilter/nft_socket.c
Loading
Please register or sign in to comment