| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2008-09-25 | ftfw: reset window and flush the resend queue during helloing | Pablo Neira Ayuso | |
| This fixes two bugs when a hello message is received: * We can create malformed nack messages during the helloing. We have to reset the acknowlegdment window, otherwise we may create malformed nack messages. * We have to empty the resend list/queue when a hello message is received, otherwise the entries get stuck to the resend queue once the sequence number wraps around. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> | |||
| 2008-09-25 | ftfw: fix race condition in the helloing routine | Pablo Neira Ayuso | |
| This patch fixes a race condition that can prevent one node from sending the initial hello message required to reset the sequence tracking. node A node B | | start | | hello msg |----------------------->| stop | | start | | |<-----------------------| hello-back msg In the picture above, the node A never sends the hello messages. Thus, the node B drops the next messages as they are in the before boundary. This patch adds a new state to the the helloing state-machine to fix this problem. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> | |||
| 2008-09-25 | ftfw: fix race that triggers a double insertion into tx_list | Pablo Neira Ayuso | |
| This patch fixes a race condition that can trigger a double insertion to the tx_list. This happens if we receive two resync request very close or resync just after a nack or vice-versa. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> | |||
| 2008-09-21 | fix: remove node from tx_list when the state-entry is destroy | Pablo Neira Ayuso | |
| This patches fixes a race that triggers a read-after-free access to the tx_list. The state-entry is destroyed but it is still in the list. The fix removes the state-entry from the tx_list in the destroy path. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> | |||
| 2008-09-17 | cleanup: remove some debug messages from sync-ftfw.c | Pablo Neira Ayuso | |
| Remove useless debug messages, now we have a pluging for tcpdump to debug the FT-FW protocol. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> | |||
| 2008-09-16 | ftfw: check for malformed ack and nack messages | Pablo Neira Ayuso | |
| This patch checks that the [from, to] interval of ack and nack messages is OK. In other words, we check that: to >= from Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> | |||
| 2008-05-26 | rework the HELLO logic inside FT-FW | Pablo Neira Ayuso | |
| 2008-05-25 | add eventfd emulation to communicate receiver -> sender | Pablo Neira Ayuso | |
| 2008-04-29 | Fix reorder possible reordering of destroy messages under message omission. ↵ | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| This patch introduces the TimeoutDestroy clause to determine how long a conntrack remains in the internal cache once it has been destroy from the kernel table. | |||
| 2008-04-26 | rework of the FT-FW approach | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| 2008-03-08 | revert relicensing... still we use linux_list.h code which seems to be GPLv2 ↵ | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| only which is incompatible AFAIK | |||
| 2008-03-08 | relicense conntrack-tools as GPLv3+, so far the most significant contributor ↵ | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| has been Max Kellermann and has no issues with relicensing their contributions. | |||
| 2008-01-29 | implement a rb-tree based alarm framework | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| 2008-01-23 | Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| use size_t | |||
| 2008-01-20 | Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| remove init_alarm() before add_alarm() | |||
| 2008-01-20 | Based on patch from Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| merge mod_alarm() into add_alarm(), remove alarm_set_expiration() | |||
| 2008-01-18 | yet another rework of the alarm scheduler | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| 2008-01-18 | Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| Simplify logging infrastructure | |||
| 2008-01-17 | Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| import only required C headers and put local headers on top to check | |||
| 2008-01-17 | Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| use C99 integers (uint32_t instead of u_int32_t) | |||
| 2008-01-15 | fix missing bracket | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| 2008-01-15 | more list_empty() use instead of directly check the header | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| 2008-01-15 | use list_del_init() and list_empty() to check if a node is in the list | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| 2008-01-15 | minor constification fixes | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| update libnfnetlink dependencies | |||
| 2008-01-15 | Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| Fix tons of gcc warnings | |||
| 2008-01-15 | Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| set the return type of the parse functions to "void" | |||
| 2008-01-15 | Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| use const when possible | |||
| 2008-01-15 | Max Kellermann <max@duempel.org> | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| Use list_for_each_entry() instead of list_for_each() | |||
| 2008-01-15 | Max Kellermann <max@duempel.org>: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| the global variable "alarm" conflicts with the alarm() function from unistd.h. resolve that conflict by giving those two global variables a better name. | |||
| 2008-01-14 | improve alarm framework based on suggestions from Max Duempel | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| 2008-01-09 | wake up the daemon iff there are real events to handle instead of polling ↵ | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| (Based on comments from Max Kellerman) | |||
| 2008-01-05 | rename class `buffer' to `queue' which is what it really implements | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| 2007-12-21 | o Use more appropriate names for the existing synchronization modes: | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org | |
| o rename `persistent' mode to `alarm' o rename `nack' mode to `ftfw' o Now default synchronization mode is ftfw instead of alarm | |||
 |
index : conntrack-tools.git | |
| conntrack-tools i.e. conntrack and conntrackd (mirror of https://github.com/vyos/conntrack-tools.git) |
| summaryrefslogtreecommitdiff |