similar to: Re: ip_conntrack_lock not readlocked (fwd)

--mYCpIKhGyMATD0i+ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Netfilter Core Team Security Advisory =20 CVE: CAN-2003-0187 Subject: Netfilter / Connection Tracking Remote DoS Released: 01 Aug 2003 Effects: Any remote user may be able to DoS a machine

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=495 Summary: Netfilter Connection Tracking Race Condition in Kernel 2.4.x Product: netfilter/iptables Version: linux-2.4.x Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: ip_conntrack

Hi, I''m working on the IMQ patch for 2.6.14-rc* and ran in trouble with nfcache. I have to be honest that I''m not following kernel devel as I should so I need to ask for a little help here. I know Mr Harald Welte removed nfcache but I''m not sure about the way to go. I have this at net/ipv4/netfilter/ipt-IMQ.c: static unsigned int imq_target(struct sk_buff **pskb,

--AkbCVLjbJ9qUtAXD Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi all! On behalf of the netfilter core team I have the following announcement: The following kernel versions habe a bug in include/linux/list.h, which causes netfilter's connection tracking code to misbehave: 2.4.10-pre10 2.4.10-pre11 2.4.10-pre12 2.4.10

https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=39 Summary: can't execute 'make modules' Product: netfilter/iptables Version: patch-o-matic Platform: i386 OS/Version: RedHat Linux Status: NEW Severity: major Priority: P2 Component: ip_tables (kernel) AssignedTo:

--Qz2CZ664xQdCRdPu Content-Type: multipart/mixed; boundary="BI5RvnYi6R4T2M87" Content-Disposition: inline --BI5RvnYi6R4T2M87 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi! Unfortunately there is a very unpopular announcement to be made on this list: A netfilter security advisory. Phillipe Biondi has been

https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=99 Summary: multiline strings in gcc 3.3 Product: netfilter/iptables Version: linux-2.4.x Platform: i386 OS/Version: SuSE Linux Status: NEW Severity: normal Priority: P2 Component: ip_tables (kernel) AssignedTo: laforge@netfilter.org

https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=59 Summary: sparc64 conntrack issue with expecting related connections, FTP Product: netfilter/iptables Version: linux-2.4.x Platform: sparc64 OS/Version: other Status: NEW Severity: normal Priority: P2 Component:

Hello, Due to a recent change in the bridge code, we now need a way of knowing if a packet has been defragmented. The bridge code now checks on the packet size and drops packets that are too big for the output port. Defragmented packets will get refragmented later, so they shouldn't be dropped. I've been reading the defragmentation code and can't find an easy way of knowing if a

https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=39 beo@sgs.o.se changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |beo@sgs.o.se Status|RESOLVED |REOPENED Resolution|FIXED |

I have added a 2008R2 server as an ADC to a domain (S4 4.5.3);  and the instructions say to verify the DNS records...  what DNS records does one expect to find?  I think I know but looking in DNS it does not appear the server created any DNS records relating to being a DC. No GUID CNAME in _msdcs.micore.us, no SRV records in Default-First- Site-Name._tcp,... I have not yet rebooted the server

Hi all iam trying to setup Dual gate using Julian patch DGD, but when i try tp patch to my kernel with fedora iam getting the following eroor can some one suggest me what is wrong or i need a latest patch for fedora [root@linux-2.4.22-1.2115.nptl]# patch -p1 < /root/update/update/routes-2.4.20-9.diff patching file include/linux/netfilter_ipv4/ip_nat.h patching file

https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=55 laforge@netfilter.org changed: What |Removed |Added ---------------------------------------------------------------------------- BugsThisDependsOn| |2 Status|NEW |ASSIGNED ------- Additional Comments From laforge@netfilter.org

--8w3uRX/HFJGApMzv Content-Type: multipart/mixed; boundary="ctP54qlpMx3WjD+/" Content-Disposition: inline --ctP54qlpMx3WjD+/ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi! The netfilter coreteam proudly presents: iptables version 1.2.6a Unfortunately iptables 1.2.6, released three days ago, contained two

Hello, I need to understand how conntrack_core.c handles the termination of ''expected'' connection; handling in the case when ''expected'' connection arrived, then terminates (In my conntrack module, I need to specially handle the event of termination termination of ''expected'' connection.) In ip_conntrack_core.c, I can''t find the

https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=64 ------- Additional Comments From tobias@portfolio16.de 2003-04-21 23:51 ------- Hi, I think I just found a problem with the patch... It was my fault to use a automatic build system and not check it... In the end the patch didn't apply in its whole and I didn't discover it, because the build system just went on.

--9zecZT88ylESpiZX Content-Type: multipart/mixed; boundary="+nG9yj4eE4W6Oba0" Content-Disposition: inline --+nG9yj4eE4W6Oba0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi! The netfilter coreteam proudly presents: iptables version 1.2.7a Unfortunately iptables 1.2.7, released on the website three weeks ago,

Below is a fix for the current problem of checksum offload not working in a NAT''ed network. The cause is the NAT/iptables code incorrectly modifying the TCP/UDP checksum (for the checksum offload case). The original code assumes a valid checksum, which is not the case for checksum offload packets (which has a complimented, partial checksum for the hardware to use). The fix is to

--GYkYyJI7bObpCn+O Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi! Due to an unfortunate event [*] the main netfilter.org system had become unavailable from Aug 19 to Aug 22. =20 The long downtime was caused by the netfilter developer workshop, which distracted the netfilter developers from doing any system administration.

Author: tha-guest Date: 2006-02-24 23:45:10 +0000 (Fri, 24 Feb 2006) New Revision: 56 Modified: trunk/debian/README.Debian trunk/debian/changelog trunk/debian/control trunk/debian/linux-2.6.12-xen.patch Log: hopefully for the last commit before release ;-P - xen-hypervisor & -pae now recommends grub (besides PXE-Boot there is no alternative) - updated & added some more to