Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. iptables>
  3. Devel
[NETFILTER -stable]: nf_conntrack: don't track locally generated special ICMP error
kaber at trash
Jul 17, 2007, 8:25 AM
Post #1 of 2 (1499 views)
Permalink
Attached are two patches (stable.diff, applies to stable-2.6.21 and
stable-2.6.22 and 2.6.16.diff for stable-2.6.16) fixing incorrect
conntrack association of ICMP errors generated in response to INVALID
packets, causing incorrect address translation in combination with NAT.

Please apply, thanks.

Attached Files:

Re: [NETFILTER -stable]: nf_conntrack: don't track locally generated special ICMP error [ In reply to ]
bunk at stusta
Jul 22, 2007, 3:48 PM
Post #2 of 2 (1427 views)
Permalink
On Tue, Jul 17, 2007 at 05:25:10PM +0200, Patrick McHardy wrote:
> Attached are two patches (stable.diff, applies to stable-2.6.21 and
> stable-2.6.22 and 2.6.16.diff for stable-2.6.16) fixing incorrect
> conntrack association of ICMP errors generated in response to INVALID
> packets, causing incorrect address translation in combination with NAT.
>
> Please apply, thanks.

Thanks, applied to 2.6.16.

cu
Adrian

--

"Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
"Only a promise," Lao Er said.
Pearl S. Buck - Dragon Seed

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal