Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | conntrackd: helpers: dhcpv6: Fix potential array overrun | Phil Sutter | 2019-02-12 | 1 | -1/+1 |
| | | | | | | | | | | The value dhcpv6_msg_type points at is used as index to dhcpv6_timeouts array, so upper boundary check has to treat a value of ARRAY_SIZE(dhcpv6_timeouts) as invalid. Fixes: 36118bfc4901b ("conntrackd: helpers: add DHCPv6 helper") Signed-off-by: Phil Sutter <phil@nwl.cc> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> | ||||
* | conntrackd: helpers: add DHCPv6 helper | Pablo Neira Ayuso | 2013-09-26 | 1 | -0/+123 |
This patch adds support for the DHCPv6 helper. 1) nfct helper add dhcpv6 inet6 udp 2) ip6tables -I OUTPUT -t raw -p udp --sport 546 -j CT --helper dhcpv6 3) run conntrackd You should see: % conntrack -L exp -f ipv6 279 proto=17 src=:: dst=ff02::1:2 sport=0 dport=546 mask-src=:: mask-dst=ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff sport=0 dport=65535 master-src=fe80::221:ccff:fe4a:7f9c master-dst=ff02::1:2 sport=546 dport=547 PERMANENT class=0 helper=dhcpv6 Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> |