| To: | Patrick McHardy <kaber@xxxxxxxxx> |
|---|---|
| Subject: | Re: [netfilter-core] [NETFILTER] Apply IPsec to ipt_REJECT packets |
| From: | Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> |
| Date: | Wed, 24 Nov 2004 08:17:05 +1100 |
| Cc: | "David S. Miller" <davem@xxxxxxxxxxxxx>, coreteam@xxxxxxxxxxxxx, netdev@xxxxxxxxxxx |
| In-reply-to: | <20041123211630.GA9805@xxxxxxxxxxxxxxxxxxx> |
| References: | <20041123084225.GA3514@xxxxxxxxxxxxxxxxxxx> <41A37EC0.8010901@xxxxxxxxx> <20041123211630.GA9805@xxxxxxxxxxxxxxxxxxx> |
| Sender: | netdev-bounce@xxxxxxxxxxx |
| User-agent: | Mutt/1.5.6+20040722i |
On Wed, Nov 24, 2004 at 08:16:30AM +1100, herbert wrote: > On Tue, Nov 23, 2004 at 07:17:36PM +0100, Patrick McHardy wrote: > > > > The patch doesn't handle tcp resets sent in response to a forwarded packet. > > I'll send a patch later tonight. > > Isn't that handled by ip_forward itself? In fact that's probably the reason why nobody has noticed this bug until now :) -- Visit Openswan at http://www.openswan.org/ Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: [PATCH 1/1] net: Netconsole poll support for 3c509, Matt Mackall |
|---|---|
| Next by Date: | Re: [netfilter-core] [NETFILTER] Apply IPsec to ipt_REJECT packets, Herbert Xu |
| Previous by Thread: | Re: [netfilter-core] [NETFILTER] Apply IPsec to ipt_REJECT packets, Herbert Xu |
| Next by Thread: | Re: [netfilter-core] [NETFILTER] Apply IPsec to ipt_REJECT packets, Patrick McHardy |
| Indexes: | [Date] [Thread] [Top] [All Lists] |