search for: net_filt

Displaying 5 results from an estimated 5 matches for "net_filt".

Did you mean: get_file
Multicast and receive filtering in TUN/TAP
2008 Jul 09
2
Multicast and receive filtering in TUN/TAP
Yesterday while fixing xoff stuckiness issue in the TUN/TAP driver I got a chance to look into the multicast filtering code in there. And immediately realized how terribly broken & confusing it is. The patch was originally done by Shaun (CC'ed) and went in without any proper ACK from me, Dave or Jeff. Here is the original ref
Multicast and receive filtering in TUN/TAP
2008 Jul 09
2
Multicast and receive filtering in TUN/TAP
Yesterday while fixing xoff stuckiness issue in the TUN/TAP driver I got a chance to look into the multicast filtering code in there. And immediately realized how terribly broken & confusing it is. The patch was originally done by Shaun (CC'ed) and went in without any proper ACK from me, Dave or Jeff. Here is the original ref
[PATCH] tun: Fix/rewrite packet filtering logic
2008 Jul 12
4
[PATCH] tun: Fix/rewrite packet filtering logic
...int attached; uid_t owner; gid_t group; @@ -94,19 +97,119 @@ struct tun_struct { struct sk_buff_head readq; struct net_device *dev; + struct fasync_struct *fasync; - struct fasync_struct *fasync; - - unsigned long if_flags; - u8 dev_addr[ETH_ALEN]; - u32 chr_filter[2]; - u32 net_filter[2]; + struct tap_filter txflt; #ifdef TUN_DEBUG int debug; #endif }; +/* TAP filterting */ +static void addr_hash_set(u32 *mask, const u8 *addr) +{ + int n = ether_crc(ETH_ALEN, addr) >> 26; + mask[n >> 5] |= (1 << (n & 31)); +} + +static unsigned int addr_has...
[PATCH] tun: Fix/rewrite packet filtering logic
2008 Jul 12
4
[PATCH] tun: Fix/rewrite packet filtering logic
...int attached; uid_t owner; gid_t group; @@ -94,19 +97,119 @@ struct tun_struct { struct sk_buff_head readq; struct net_device *dev; + struct fasync_struct *fasync; - struct fasync_struct *fasync; - - unsigned long if_flags; - u8 dev_addr[ETH_ALEN]; - u32 chr_filter[2]; - u32 net_filter[2]; + struct tap_filter txflt; #ifdef TUN_DEBUG int debug; #endif }; +/* TAP filterting */ +static void addr_hash_set(u32 *mask, const u8 *addr) +{ + int n = ether_crc(ETH_ALEN, addr) >> 26; + mask[n >> 5] |= (1 << (n & 31)); +} + +static unsigned int addr_has...
[Bug 1440] New: kernel oops allowing a connection with nfq_set_verdict() on kernel 5.7.x with hardening parameters
2020 Jul 08
3
[Bug 1440] New: kernel oops allowing a connection with nfq_set_verdict() on kernel 5.7.x with hardening parameters
...ions of libnetfilter_queue used are 1.0.3 (Debian/GNU) and 1.0.5 (ArchLinux). I've narrowed the problem down to nfq_set_verdict(), and only when allowing a connection. I've also reproduced it with the tester attached, a minimal version of this one: https://raw.githubusercontent.com/adsbh7/net_filter/e27f6dec4c5d29b71c70b9c33e00b644334726fd/nfqnl_test.c steps to reproduce it: # iptables -t mangle -I OUTPUT -j NFQUEUE --queue-num 100 # ./nfqnl_test $ ping netfilter.org The problem occurs on kernel 5.7.0 (+ hardening-runtime deb package), but a user also reported it with 5.6.16. Finall...