[NETFILTER]: Prevent NAT from seeing fragments - user/sven/linux.git

diff options

author	Patrick McHardy <kaber@trash.net>	2005-02-23 03:38:18 -0800
committer	David S. Miller <davem@nuts.davemloft.net>	2005-02-23 03:38:18 -0800
commit	b6f0a1dcb47d9c5712aa3dbd65d1bce03ef47452 (patch)
tree	f0b6d71727688eb43a1590fcebec74b65497a2b3 /include/linux/string.h
parent	0f4389e9ea7fab8b28c40a1730c1b895211430a8 (diff)

[NETFILTER]: Prevent NAT from seeing fragments

The path for loopback is: LOCAL_OUT: conntrack defrags POST_ROUTING: conntrack refrags PRE_ROUTING: skip conntrack defrag because skb->nfct != NULL PRE_ROUTING: NAT gets hit by fragments Always defrag on loopback if NAT is compiled in. Signed-off-by: Patrick McHardy <kaber@trash.net> Acked-by: Rusty Russel <rusty@rustcorp.com.au> Signed-off-by: David S. Miller <davem@davemloft.net>

Diffstat (limited to 'include/linux/string.h')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: