iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/net
History
Florian Westphal d535c8a69c netfilter: conntrack: udp: only extend timeout to stream mode after 2s 
Currently DNS resolvers that send both A and AAAA queries from same source port
can trigger stream mode prematurely, which results in non-early-evictable conntrack entry
for three minutes, even though DNS requests are done in a few milliseconds.

Add a two second grace period where we continue to use the ordinary
30-second default timeout.  Its enough for DNS request/response traffic,
even if two request/reply packets are involved.

ASSURED is still set, else conntrack (and thus a possible
NAT mapping ...) gets zapped too in case conntrack table runs full.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2018-12-21 00:48:38 +01:00
..
6lowpan
6lowpan: iphc: reset mac_header after decompress to fix panic
2018-07-06 12:32:12 +02:00
9p
Merge branch 'work.afs' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2018-11-03 10:35:52 -07:00
802
8021q
8021q: use __vlan_hwaccel helpers
2018-11-08 20:45:04 -08:00
appletalk
Revert changes to convert to ->poll_mask() and aio IOCB_CMD_POLL
2018-06-28 10:40:47 -07:00
atm
Revert "net: simplify sock_poll_wait"
2018-10-23 10:57:06 -07:00
ax25
ax25: remove blank line at EOF
2018-07-24 14:10:42 -07:00
batman-adv
Merge ra.kernel.org:/pub/scm/linux/kernel/git/davem/net
2018-09-25 10:35:29 -07:00
bluetooth
Merge branch 'work.afs' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2018-11-01 19:58:52 -07:00
bpf
bpf: add tests for direct packet access from CGROUP_SKB
2018-10-19 13:49:34 -07:00
bpfilter
net: bpfilter: Set user mode helper's command line
2018-10-22 19:37:36 -07:00
bridge
bridge: use __vlan_hwaccel helpers
2018-11-08 20:45:04 -08:00
caif
Revert "net: simplify sock_poll_wait"
2018-10-23 10:57:06 -07:00
can
Revert changes to convert to ->poll_mask() and aio IOCB_CMD_POLL
2018-06-28 10:40:47 -07:00
ceph
Merge branch 'work.afs' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2018-11-01 19:58:52 -07:00
core
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2018-11-11 17:57:54 -08:00
dcb
net: dcb: Add priority-to-DSCP map getters
2018-07-27 13:17:50 -07:00
dccp
net: Convert protocol error handlers from void to int
2018-11-08 17:13:08 -08:00
decnet
decnet: Remove unnecessary check for dev->name
2018-09-21 19:48:36 -07:00
dns_resolver
dns: Allow the dns resolver to retrieve a server set
2018-10-04 09:40:52 -07:00
dsa
net: dsa: legacy: simplify getting .driver_data
2018-10-22 19:49:04 -07:00
ethernet
net: Convert GRO SKB handling to list_head.
2018-06-26 11:33:04 +09:00
hsr
ieee802154
net/ipfrag: let ip[6]frag_high_thresh in ns be higher than in init_net
2018-09-21 19:45:52 -07:00
ife
ipv4
netfilter: ipt_CLUSTERIP: check MAC address when duplicate config is set
2018-12-18 01:18:38 +01:00
ipv6
netfilter: nat: remove nf_nat_l4proto struct
2018-12-17 23:33:31 +01:00
iucv
iucv: Remove SKB list assumptions.
2018-11-10 16:55:11 -08:00
kcm
Revert "kcm: remove any offset before parsing messages"
2018-09-17 18:43:42 -07:00
key
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next
2018-07-27 09:33:37 -07:00
l2tp
l2tp: fix unused function warning
2018-08-13 20:45:49 -07:00
l3mdev
lapb
llc
llc: do not use sk_eat_skb()
2018-10-22 19:59:20 -07:00
mac80211
mac80211: implement ieee80211_tx_rate_update to update rate
2018-10-12 13:05:40 +02:00
mac802154
mac802154: Remove VLA usage of skcipher
2018-09-28 12:46:07 +08:00
mpls
net/mpls: Handle kernel side filtering of route dumps
2018-10-16 00:14:07 -07:00
ncsi
net/ncsi: Add NCSI Broadcom OEM command
2018-10-17 22:14:54 -07:00
netfilter
netfilter: conntrack: udp: only extend timeout to stream mode after 2s
2018-12-21 00:48:38 +01:00
netlabel
netlabel: check for IPV4MASK in addrinfo_get
2018-09-21 18:58:34 -07:00
netlink
netlink: Add answer_flags to netlink_callback
2018-10-16 00:13:12 -07:00
netrom
Revert changes to convert to ->poll_mask() and aio IOCB_CMD_POLL
2018-06-28 10:40:47 -07:00
nfc
Merge branch 'work.tty-ioctl' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2018-10-24 14:43:41 +01:00
nsh
nsh: set mac len based on inner packet
2018-07-12 16:55:29 -07:00
openvswitch
OVS: remove VLAN_TAG_PRESENT - fixup
2018-11-10 13:42:16 -08:00
packet
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2018-10-06 14:43:42 -07:00
phonet
Revert changes to convert to ->poll_mask() and aio IOCB_CMD_POLL
2018-06-28 10:40:47 -07:00
psample
qrtr
net: qrtr: Reset the node and port ID of broadcast messages
2018-07-05 20:20:03 +09:00
rds
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2018-10-12 21:38:46 -07:00
rfkill
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2018-09-04 21:33:03 -07:00
rose
Revert changes to convert to ->poll_mask() and aio IOCB_CMD_POLL
2018-06-28 10:40:47 -07:00
rxrpc
rxrpc: Fix lockup due to no error backoff after ack transmit error
2018-11-02 23:59:26 -07:00
sched
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2018-11-11 17:57:54 -08:00
sctp
sctp: Fix SKB list traversal in sctp_intl_store_ordered().
2018-11-10 19:32:23 -08:00
smc
Merge branch 'work.afs' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2018-11-01 19:58:52 -07:00
strparser
bpf, sockmap: convert to generic sk_msg interface
2018-10-15 12:23:19 -07:00
sunrpc
NFS client bugfixes for Linux 4.20
2018-11-04 08:20:09 -08:00
switchdev
tipc
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2018-11-11 17:57:54 -08:00
tls
Merge branch 'work.afs' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2018-11-01 19:58:52 -07:00
unix
Revert "net: simplify sock_poll_wait"
2018-10-23 10:57:06 -07:00
vmw_vsock
vsock: split dwork to avoid reinitializations
2018-08-07 12:39:13 -07:00
wimax
wimax: remove blank lines at EOF
2018-07-24 14:10:42 -07:00
wireless
nl80211: Add per peer statistics to compute FCS error rate
2018-10-12 12:56:34 +02:00
x25
x25: remove blank lines at EOF
2018-07-24 14:10:42 -07:00
xdp
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2018-10-19 11:03:06 -07:00
xfrm
Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2018-11-03 18:25:17 -07:00
compat.c
y2038: socket: Change recvmmsg to use __kernel_timespec
2018-08-29 15:42:24 +02:00
Kconfig
bpf, sockmap: convert to generic sk_msg interface
2018-10-15 12:23:19 -07:00
Makefile
bpfilter: check compiler capability in Kconfig
2018-06-28 13:36:39 +09:00
socket.c
Merge branch 'work.afs' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2018-11-01 19:58:52 -07:00
sysctl_net.c