Displaying 20 results from an estimated 9000 matches similar to: "[Bug 1384] New: memory leaks when netfilter is used to filter network traffic"
2012 Apr 25
1
forwarding packets to service in same host without using loopback network
This question is not about linux usage. But still i think user list
is a good crowd for linux programmer. So here it goes.
I have this libnetfilter_queue application which receives packets from
kernel based on some iptables rule. Before going straight to my
problem, i'm giving a sample workable code and other tools to set up a
test environment so that We problem definition and possible
2007 Apr 18
1
[Bridge] [PATCH/RFC] Reduce call chain length in netfilter (take 2)
Hi,
This is a second try to fix the long chain call lengths in netfilter.
The difference with the previous patch is that I got rid of the extra
argument. I somehow didn't see it could be done without using the 'int
*ret2' argument.
A comment on the number of arguments to nf_hook_slow: I don't think the
number of arguments should be decreased. For the bridge-nf code, f.e.,
the
2006 Jul 25
0
[Bug 495] New: Netfilter Connection Tracking Race Condition in Kernel 2.4.x
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=495
Summary: Netfilter Connection Tracking Race Condition in Kernel
2.4.x
Product: netfilter/iptables
Version: linux-2.4.x
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: ip_conntrack
2011 Mar 07
2
[Bug 708] New: Some accepted packets get lost
http://bugzilla.netfilter.org/show_bug.cgi?id=708
Summary: Some accepted packets get lost
Product: libnetfilter_queue
Version: unspecified
Platform: x86_64
OS/Version: Debian GNU/Linux
Status: NEW
Severity: normal
Priority: P3
Component: libnetfilter_queue
AssignedTo: netfilter-buglog at
2024 Apr 03
9
[Bug 1742] New: using nfqueue breaks SCTP connection (tracking)
https://bugzilla.netfilter.org/show_bug.cgi?id=1742
Bug ID: 1742
Summary: using nfqueue breaks SCTP connection (tracking)
Product: libnetfilter_queue
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P5
Component: libnetfilter_queue
Assignee:
2009 Mar 18
4
[Bug 586] New: Problems changing the source address of a packet
http://bugzilla.netfilter.org/show_bug.cgi?id=586
Summary: Problems changing the source address of a packet
Product: libnetfilter_queue
Version: unspecified
Platform: All
OS/Version: All
Status: NEW
Severity: blocker
Priority: P1
Component: libnetfilter_queue
AssignedTo: laforge at netfilter.org
2005 Nov 05
0
[ANNOUNCE] multiple netfilter.org releases
Hi!
Today the netfilter project released
libnfnetlink-0.0.11
ftp://ftp.netfilter.org/pub/libnfnetlink/libnfnetlink-0.0.11.tar.bz2
This is the low-level communications library
libnetfilter_log-0.0.10
ftp://ftp.netfilter.org/pub/libnetfilter_log/libnetfilter_log-0.0.10.tar.bz2
This is the userspace library for nfnetlink_log in 2.6.14
It is used by the upcoming ulogd-2.00beta release
Needs
2014 May 25
1
traffic distribution not happening in centos 6.5
Hi,
I am experimenting with libnetfilter_queue. libnetfilter_queue is a
userspace library providing an API to packets that have been queued by
the kernel packet filter.
I am using sample code(nfqnl_test.c) available on netfilter.org. I
have generated two binaries (queue0 and queue1) using that
nfqnl_test.c sample code.
These binaries are working as per expected behaviour in case of Centos
6.2
2007 Apr 18
2
[Bridge] The problem of bridge+netfilter+nat
Hi,
I met a problem when using bridge with netfilter. The kernel version
2.4.20, and the patch is bridge-nf-0.0.10-against-2.4.20.diff.
Our firewall configuration is as follows,
eth3,eth4,eth5,eth6 configured as a bridge with an IP address 10.0.0.1.
The local net connect to the internet via the gateway 10.0.0.1 and SNAT
is applied on the firewall. It worked but sometimes there are some
2020 Aug 27
0
[Bug 1455] New: Queue verdict cannot be used in vmap
https://bugzilla.netfilter.org/show_bug.cgi?id=1455
Bug ID: 1455
Summary: Queue verdict cannot be used in vmap
Product: nftables
Version: unspecified
Hardware: arm
OS: Ubuntu
Status: NEW
Severity: normal
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
2013 Aug 09
1
Why libnetfilter_queue is missing from CentOS, but available in, Fedora?
I am asking this on behalf of the HIPL developers;
http://infrahip.hiit.fi/
https://launchpad.net/hipl
They have been working on getting their code consistant to the new
libnetfilter architecture. Finally have Fedora 18 and 19 available, but
have hit a stumbling block with Centos 6. They tell me they are not
finding libnetfilter_queue. Here is their message to me:
On 08/08/2013 02:03 PM,
2012 Jan 02
2
[ANNOUNCE] libnetfilter_queue 1.0.1 release
Hi!
The Netfilter project proudly presents:
libnetfilter_queue 1.0.1
libnetfilter_queue is a userspace library providing an API to packets
that have been queued by the kernel packet filter.
See ChangeLog that comes attached to this email for more details.
You can download it from:
http://www.netfilter.org/projects/libnetfilter_queue/downloads.html
2007 Apr 18
4
[Bridge] [PATCH/RFC] Let {ip, arp}tables "see" bridged VLAN tagged {I, AR}P packets
Hi all,
The patch below does four trivial changes and one big change
Trivial changes, these are all in br_netfilter.c:
- check ar_pln==4 when giving bridged ARP packets to arptables
- delete unnecessary if in br_nf_local_in
- add more logging for the "Argh" message
- add some brag-comments in the file head comment
Big change: let {ip,arp}tables see VLAN tagged {I,AR}P packets.
This
2014 Jun 07
1
[Bug 957] New: [PATCH] Wrong function name in libnetfilter_queue/libnetfilter_queue_ipv6.h
https://bugzilla.netfilter.org/show_bug.cgi?id=957
Summary: [PATCH] Wrong function name in
libnetfilter_queue/libnetfilter_queue_ipv6.h
Product: libnetfilter_queue
Version: unspecified
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P5
Component: libnetfilter_queue
2007 Apr 18
3
[Bridge] Re: do_IRQ: stack overflow: 872..
On Fri, 07 Jan 2005 17:05:59 +0000
David Woodhouse <dwmw2@infradead.org> wrote:
> On Sat, 2004-12-18 at 08:50 +0100, Andi Kleen wrote:
> > It's not really an oops, just a warning that stack space got quiet
> > tight.
> >
> > The problem seems to be that the br netfilter code is nesting far too
> > deeply and recursing several times. Looks like a design
2003 Aug 02
0
[SECURITY] Netfilter Security Advisory: Conntrack list_del() DoS
--mYCpIKhGyMATD0i+
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Netfilter Core Team Security Advisory
=20
CVE: CAN-2003-0187
Subject:
Netfilter / Connection Tracking Remote DoS
Released:
01 Aug 2003
Effects:
Any remote user may be able to DoS a machine
2013 Aug 02
1
[Bug 837] New: Large ICMP packets are lost
https://bugzilla.netfilter.org/show_bug.cgi?id=837
Summary: Large ICMP packets are lost
Product: libnetfilter_queue
Version: unspecified
Platform: x86_64
OS/Version: other
Status: NEW
Severity: normal
Priority: P5
Component: libnetfilter_queue
AssignedTo: netfilter-buglog at lists.netfilter.org
2020 Apr 19
0
Netfilter fails to filter traffic from a netblock?
On 19/04/2020 14:58, Jeffrey Walton wrote:
Hi Jeffrey,
> The offending host is 59.64.129.175. To err on the side of caution we
> attempted to block the entire netblock. According to whois data,
> that's 59.64.128.0-59.64.159.255.
>
> iptables -A INPUT -s 59.64.128.0/19 -p TCP -j DROP
>
> After reboot cpu usage is still high and access_log still shows
> useless
2020 Apr 19
0
Netfilter fails to filter traffic from a netblock?
Thought it might also be helpful to confirm that firewalld is not
interfering in any way.
what is the output of ~$# systemctl status firewalld
On Sun, Apr 19, 2020 at 9:30 AM Jeffrey Walton <noloader at gmail.com> wrote:
>
> On Sun, Apr 19, 2020 at 9:26 AM Anand Buddhdev <anandb at ripe.net> wrote:
> >
> > On 19/04/2020 14:58, Jeffrey Walton wrote:
> >
>
2020 Apr 19
1
Netfilter fails to filter traffic from a netblock?
On Sun, Apr 19, 2020 at 9:40 AM Mike <1100100 at gmail.com> wrote:
>
> Thought it might also be helpful to confirm that firewalld is not
> interfering in any way.
>
> what is the output of ~$# systemctl status firewalld
Thanks Mike.
# systemctl status firewalld
Unit firewalld.service could not be found.
Jeff