forge/linux-uconsole
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions
linux-uconsole/net/netfilter
History
Simon Horman 426f45680c ipvs: fix matching of fwmark templates during scheduling 
commit e0aac52e17 upstream.

	Commit f11017ec2d (2.6.37)
moved the fwmark variable in subcontext that is invalidated before
reaching the ip_vs_ct_in_get call. As vaddr is provided as pointer
in the param structure make sure the fwmark variable is in
same context. As the fwmark templates can not be matched,
more and more template connections are created and the
controlled connections can not go to single real server.

Signed-off-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2012-02-29 16:34:31 -08:00
..
ipset netfilter: ipset: Use the stored first cidr value instead of '1' 2011-06-06 01:35:29 +02:00
ipvs ipvs: fix matching of fwmark templates during scheduling 2012-02-29 16:34:31 -08:00
core.c Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2011-02-19 19:17:35 -08:00
Kconfig netfilter: xt_addrtype: replace rt6_lookup with nf_afinfo->route 2011-04-04 17:01:43 +02:00
Makefile netfilter: ipt_addrtype: rename to xt_addrtype 2011-03-15 20:16:20 +01:00
nf_conntrack_acct.c netfilter: complete the deprecation of CONFIG_NF_CT_ACCT 2010-06-25 14:46:56 +02:00
nf_conntrack_amanda.c netfilter: cleanup printk messages 2010-05-13 15:02:08 +02:00
nf_conntrack_broadcast.c netfilter: nf_conntrack: nf_conntrack snmp helper 2011-01-18 18:12:24 +01:00
nf_conntrack_core.c netfilter: nf_conntrack: fix ct refcount leak in l4proto->error() 2011-06-06 01:37:02 +02:00
nf_conntrack_ecache.c netfilter: ecache: always set events bits, filter them later 2011-02-01 16:06:30 +01:00
nf_conntrack_expect.c netfilter: nf_conntrack: use is_vmalloc_addr() 2011-01-14 15:45:56 +01:00
nf_conntrack_extend.c net,rcu: convert call_rcu(__nf_ct_ext_free_rcu) to kfree_rcu() 2011-05-07 22:51:07 -07:00
nf_conntrack_ftp.c netfilter: add more values to enum ip_conntrack_info 2011-06-06 01:35:10 +02:00
nf_conntrack_h323_asn1.c netfilter: h323: bug in parsing of ASN1 SEQOF field 2011-04-04 15:21:02 +02:00
nf_conntrack_h323_main.c netfilter: add more values to enum ip_conntrack_info 2011-06-06 01:35:10 +02:00
nf_conntrack_h323_types.c
nf_conntrack_helper.c netfilter: nf_conntrack: use is_vmalloc_addr() 2011-01-14 15:45:56 +01:00
nf_conntrack_irc.c netfilter: add more values to enum ip_conntrack_info 2011-06-06 01:35:10 +02:00
nf_conntrack_l3proto_generic.c
nf_conntrack_netbios_ns.c netfilter: nf_conntrack: nf_conntrack snmp helper 2011-01-18 18:12:24 +01:00
nf_conntrack_netlink.c netfilter: ctnetlink: fix timestamp support for new conntracks 2011-05-10 09:48:06 +02:00
nf_conntrack_pptp.c netfilter: add more values to enum ip_conntrack_info 2011-06-06 01:35:10 +02:00
nf_conntrack_proto.c netfilter: rcu sparse cleanups 2010-11-15 19:45:13 +01:00
nf_conntrack_proto_dccp.c Fix common misspellings 2011-03-31 11:26:23 -03:00
nf_conntrack_proto_generic.c sysctl net: Remove unused binary sysctl code 2009-11-12 02:05:06 -08:00
nf_conntrack_proto_gre.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
nf_conntrack_proto_sctp.c Fix common misspellings 2011-03-31 11:26:23 -03:00
nf_conntrack_proto_tcp.c netfilter: nf_ct_tcp: fix out of sync scenario while in SYN_RECV 2011-02-28 18:02:33 +01:00
nf_conntrack_proto_udp.c netfilter: nf_conntrack: pass template to l4proto ->error() handler 2010-02-15 17:45:08 +01:00
nf_conntrack_proto_udplite.c netfilter: nf_conntrack: pass template to l4proto ->error() handler 2010-02-15 17:45:08 +01:00
nf_conntrack_sane.c netfilter: add more values to enum ip_conntrack_info 2011-06-06 01:35:10 +02:00
nf_conntrack_sip.c netfilter: add more values to enum ip_conntrack_info 2011-06-06 01:35:10 +02:00
nf_conntrack_snmp.c netfilter: nf_conntrack: nf_conntrack snmp helper 2011-01-18 18:12:24 +01:00
nf_conntrack_standalone.c netfilter: nf_conntrack_standalone: Fix set-but-unused variables. 2011-04-17 17:03:33 -07:00
nf_conntrack_tftp.c netfilter: cleanup printk messages 2010-05-13 15:02:08 +02:00
nf_conntrack_timestamp.c netfilter: nf_conntrack_tstamp: add flow-based timestamp extension 2011-01-19 16:00:07 +01:00
nf_internals.h netfilter: cleanup printk messages 2010-05-13 15:02:08 +02:00
nf_log.c Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2011-03-03 21:27:42 -08:00
nf_queue.c Fix common misspellings 2011-03-31 11:26:23 -03:00
nf_sockopt.c
nf_tproxy_core.c netfilter: tproxy: do not assign timewait sockets to skb->sk 2011-02-17 11:32:38 +01:00
nfnetlink.c netfilter: cleanup printk messages 2010-05-13 15:02:08 +02:00
nfnetlink_log.c netfilter: fix looped (broad|multi)cast's MAC handling 2011-06-16 17:27:04 +02:00
nfnetlink_queue.c netfilter: fix looped (broad|multi)cast's MAC handling 2011-06-16 17:27:04 +02:00
x_tables.c Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-3.6 2011-05-11 14:26:58 -04:00
xt_addrtype.c netfilter: xt_addrtype: replace rt6_lookup with nf_afinfo->route 2011-04-04 17:01:43 +02:00
xt_AUDIT.c netfilter ebtables: fix xt_AUDIT to work with ebtables 2011-03-16 18:32:13 +01:00
xt_CHECKSUM.c netfilter: add CHECKSUM target 2010-07-15 17:20:46 +02:00
xt_CLASSIFY.c netfilter: xt_CLASSIFY: add ARP support, allow CLASSIFY target on any table 2010-11-15 13:57:56 +01:00
xt_cluster.c netfilter: nf_conntrack: IPS_UNTRACKED bit 2010-06-08 16:09:52 +02:00
xt_comment.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_connbytes.c netfilter: xt_connbytes: Force CT accounting to be enabled 2010-06-25 14:44:07 +02:00
xt_connlimit.c netfilter: xt_connlimit: remove connlimit_rnd_inited 2011-03-15 13:26:32 +01:00
xt_connmark.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_CONNSECMARK.c netfilter: xtables: substitute temporary defines by final name 2010-05-11 18:31:17 +02:00
xt_conntrack.c netfilter: revert a2361c8735 2011-05-10 12:13:36 +02:00
xt_cpu.c netfilter: xtables: add missing aliases for autoloading via iptables 2011-01-18 06:33:54 +01:00
xt_CT.c secmark: make secmark object handling generic 2010-10-21 10:12:48 +11:00
xt_dccp.c netfilter: xtables: change hotdrop pointer to direct modification 2010-05-11 18:35:27 +02:00
xt_devgroup.c netfilter: xtables: add device group match 2011-02-03 00:05:43 +01:00
xt_dscp.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_DSCP.c netfilter: IPv6: fix DSCP mangle code 2011-05-10 10:00:21 +02:00
xt_esp.c netfilter: xtables: change hotdrop pointer to direct modification 2010-05-11 18:35:27 +02:00
xt_hashlimit.c netfilter: xt_hashlimit: use proto_ports_offset() to support AH message 2010-08-19 17:16:25 -07:00
xt_helper.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_hl.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_HL.c netfilter: xtables: substitute temporary defines by final name 2010-05-11 18:31:17 +02:00
xt_IDLETIMER.c netfilter: xtables: add missing aliases for autoloading via iptables 2011-01-18 06:33:54 +01:00
xt_iprange.c Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2011-02-04 14:28:58 -08:00
xt_ipvs.c IPVS: netns, use ip_vs_proto_data as param. 2011-01-13 10:30:27 +09:00
xt_LED.c netfilter: xtables: add missing aliases for autoloading via iptables 2011-01-18 06:33:54 +01:00
xt_length.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_limit.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_mac.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_mark.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_multiport.c netfilter: xtables: change hotdrop pointer to direct modification 2010-05-11 18:35:27 +02:00
xt_NFLOG.c netfilter: xtables: substitute temporary defines by final name 2010-05-11 18:31:17 +02:00
xt_NFQUEUE.c netfilter: allow NFQUEUE bypass if no listener is available 2011-01-18 16:08:30 +01:00
xt_NOTRACK.c netfilter: nf_conntrack: IPS_UNTRACKED bit 2010-06-08 16:09:52 +02:00
xt_osf.c net,rcu: convert call_rcu(xt_osf_finger_free_rcu) to kfree_rcu() 2011-05-07 22:51:12 -07:00
xt_owner.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_physdev.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_pkttype.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_policy.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_quota.c xt_quota: report initial quota value instead of current value to userspace 2010-07-23 14:07:47 +02:00
xt_rateest.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_RATEEST.c pkt_sched: gen_kill_estimator() rcu fixes 2010-06-11 18:37:08 -07:00
xt_realm.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_recent.c llseek: automatically add .llseek fop 2010-10-15 15:53:27 +02:00
xt_repldata.h netfilter: xtables: generate initial table on-demand 2010-02-10 17:50:47 +01:00
xt_sctp.c netfilter: xt_sctp: use WORD_ROUND macro to calculate length of multiple of 4 bytes 2010-06-09 14:47:40 +02:00
xt_SECMARK.c secmark: make secmark object handling generic 2010-10-21 10:12:48 +11:00
xt_set.c netfilter: ipset: set match and SET target fixes 2011-04-13 13:45:57 +02:00
xt_socket.c netfilter: add more values to enum ip_conntrack_info 2011-06-06 01:35:10 +02:00
xt_state.c netfilter: nf_conntrack: IPS_UNTRACKED bit 2010-06-08 16:09:52 +02:00
xt_statistic.c netfilter: xt_statistic: remove nth_lock spinlock 2010-06-01 12:00:41 +02:00
xt_string.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_TCPMSS.c netfilter: af_info: add 'strict' parameter to limit lookup to .oif 2011-04-04 17:00:54 +02:00
xt_tcpmss.c netfilter: xtables: change hotdrop pointer to direct modification 2010-05-11 18:35:27 +02:00
xt_TCPOPTSTRIP.c netfilter: xtables: substitute temporary defines by final name 2010-05-11 18:31:17 +02:00
xt_tcpudp.c netfilter: xtables: change hotdrop pointer to direct modification 2010-05-11 18:35:27 +02:00
xt_TEE.c ipv6: Convert to use flowi6 where applicable. 2011-03-12 15:08:54 -08:00
xt_time.c netfilter: remove unnecessary returns from void function()s 2010-05-13 15:16:27 +02:00
xt_TPROXY.c netfilter: tproxy: do not assign timewait sockets to skb->sk 2011-02-17 11:32:38 +01:00
xt_TRACE.c netfilter: xtables: substitute temporary defines by final name 2010-05-11 18:31:17 +02:00
xt_u32.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00