qiurui
/
Centos-kernel-stream-9
mirror of https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Centos-kernel-stream-9/net/ipv6/netfilter
History
CKI Backport Bot 1e51ea6e75 netfilter: fib: check correct rtable in vrf setups 
JIRA: https://issues.redhat.com/browse/RHEL-73708

commit 05ef7055debc804e8083737402127975e7244fc4
Author: Florian Westphal <fw@strlen.de>
Date:   Wed Oct 9 09:19:02 2024 +0200

    netfilter: fib: check correct rtable in vrf setups

    We need to init l3mdev unconditionally, else main routing table is searched
    and incorrect result is returned unless strict (iif keyword) matching is
    requested.

    Next patch adds a selftest for this.

    Fixes: 2a8a7c0eaa87 ("netfilter: nft_fib: Fix for rpath check with VRF devices")
    Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1761
    Signed-off-by: Florian Westphal <fw@strlen.de>
    Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

Signed-off-by: CKI Backport Bot <cki-ci-bot+cki-gitlab-backport-bot@redhat.com>
 		2025-01-13 15:04:38 +00:00
..
Kconfig netfilter: nf_log_ipv6: merge with nf_log_syslog 2021-03-31 00:37:27 +02:00
Makefile netfilter: nf_log_ipv6: merge with nf_log_syslog 2021-03-31 00:37:27 +02:00
ip6_tables.c netfilter: ip6_tables: zero-initialize fragment offset 2025-01-13 15:04:33 +00:00
ip6t_NPT.c
ip6t_REJECT.c
ip6t_SYNPROXY.c
ip6t_ah.c
ip6t_eui64.c
ip6t_frag.c
ip6t_hbh.c
ip6t_ipv6header.c
ip6t_mh.c
ip6t_rpfilter.c netfilter: ip6t_rpfilter: Fix regression with VRF interfaces 2023-06-15 12:55:30 +02:00
ip6t_rt.c netfilter: ip6t_rt: fix rt0_hdr parsing in rt_mt6 2022-07-06 21:28:22 +02:00
ip6t_srh.c
ip6table_filter.c netfilter: ip6_tables: pass table pointer via nf_hook_ops 2021-04-26 03:20:47 +02:00
ip6table_mangle.c netfilter: xt_mangle: only check verdict part of return value 2023-12-12 16:32:36 +01:00
ip6table_nat.c netfilter: ip6_tables: pass table pointer via nf_hook_ops 2021-04-26 03:20:47 +02:00
ip6table_raw.c netfilter: ip6_tables: pass table pointer via nf_hook_ops 2021-04-26 03:20:47 +02:00
ip6table_security.c netfilter: ip6_tables: pass table pointer via nf_hook_ops 2021-04-26 03:20:47 +02:00
nf_conntrack_reasm.c netfilter: allow ipv6 fragments to arrive on different devices 2025-01-13 15:04:37 +00:00
nf_defrag_ipv6_hooks.c netfilter: conntrack: fix boot failure with nf_conntrack.enable_hooks=1 2021-12-02 13:57:47 +01:00
nf_dup_ipv6.c netfilter: nf_tables: prevent nf_skb_duplicated corruption 2024-10-03 19:07:59 +02:00
nf_flow_table_ipv6.c
nf_reject_ipv6.c netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() 2024-11-29 12:42:22 +08:00
nf_socket_ipv6.c tcp: Access &tcp_hashinfo via net. 2022-11-08 17:10:59 +01:00
nf_tproxy_ipv6.c netfilter: tproxy: fix deadlock due to missing BH disable 2023-06-12 15:22:48 +02:00
nft_dup_ipv6.c netfilter: nf_tables: Extend nft_expr_ops::dump callback parameters 2023-07-28 18:18:30 +02:00
nft_fib_ipv6.c netfilter: fib: check correct rtable in vrf setups 2025-01-13 15:04:38 +00:00
nft_reject_ipv6.c netfilter: nf_tables: add and use nft_sk helper 2021-05-29 01:04:53 +02:00