github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-08 14:42:37 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
7281cde1d3
linux/net
History
Alin Nastac d1dbff485d netfilter: nf_nat_sip: fix RTP/RTCP source port translations 
[ Upstream commit 8294059931 ]

Each media stream negotiation between 2 SIP peers will trigger creation
of 4 different expectations (2 RTP and 2 RTCP):
 - INVITE will create expectations for the media packets sent by the
   called peer
 - reply to the INVITE will create expectations for media packets sent
   by the caller

The dport used by these expectations usually match the ones selected
by the SIP peers, but they might get translated due to conflicts with
another expectation. When such event occur, it is important to do
this translation in both directions, dport translation on the receiving
path and sport translation on the sending path.

This commit fixes the sport translation when the peer requiring it is
also the one that starts the media stream. In this scenario, first media
stream packet is forwarded from LAN to WAN and will rely on
nf_nat_sip_expected() to do the necessary sport translation. However, the
expectation matched by this packet does not contain the necessary information
for doing SNAT, this data being stored in the paired expectation created by
the sender's SIP message (INVITE or reply to it).

Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2019-12-05 09:20:31 +01:00
..
6lowpan 6lowpan: iphc: reset mac_header after decompress to fix panic 2018-07-06 12:32:12 +02:00
9p 9p: Transport error uninitialized 2019-10-11 18:21:12 +02:00
802
8021q vlan: disable SIOCSHWTSTAMP in container 2019-05-16 19:41:30 +02:00
appletalk appletalk: enforce CAP_NET_RAW for raw sockets 2019-10-05 13:09:31 +02:00
atm net: use skb_queue_empty_lockless() in poll() handlers 2019-11-10 11:27:48 +01:00
ax25 ax25: enforce CAP_NET_RAW for raw sockets 2019-10-05 13:09:32 +02:00
batman-adv batman-adv: Avoid free/alloc race when handling OGM buffer 2019-11-06 13:06:22 +01:00
bluetooth Bluetooth: L2CAP: Detect if remote is not able to use the whole MPS 2019-11-20 18:47:42 +01:00
bpf bpf/test_run: support cgroup local storage 2018-08-03 00:47:32 +02:00
bpfilter net: bpfilter: use get_pid_task instead of pid_task 2018-10-17 22:03:40 -07:00
bridge bridge: ebtables: don't crash when using dnat target in output chains 2019-12-05 09:19:41 +01:00
caif net: use skb_queue_empty_lockless() in poll() handlers 2019-11-10 11:27:48 +01:00
can can: gw: Fix error path of cgw_module_init 2019-08-29 08:28:30 +02:00
ceph libceph: fix PG split vs OSD (re)connect race 2019-08-29 08:28:50 +02:00
core sock_diag: fix autoloading of the raw_diag module 2019-12-01 09:17:18 +01:00
dcb net: dcb: Add priority-to-DSCP map getters 2018-07-27 13:17:50 -07:00
dccp inet: stop leaking jiffies on the wire 2019-11-10 11:27:37 +01:00
decnet net: use skb_queue_empty_lockless() in poll() handlers 2019-11-10 11:27:48 +01:00
dns_resolver net: remove blank lines at end of file 2018-07-24 14:10:43 -07:00
dsa net: dsa: fix switch tree list 2019-11-10 11:27:53 +01:00
ethernet net: Convert GRO SKB handling to list_head. 2018-06-26 11:33:04 +09:00
hsr net/hsr: fix possible crash in add_timer() 2019-03-19 13:12:38 +01:00
ieee802154 ieee802154: enforce CAP_NET_RAW for raw sockets 2019-10-05 13:09:32 +02:00
ife
ipv4 net: bpfilter: fix iptables failure if bpfilter_umh is disabled 2019-12-01 09:17:18 +01:00
ipv6 ipv6: Fix handling of LLA with VRF and sockets bound to VRF 2019-12-01 09:17:34 +01:00
iucv Revert "net: simplify sock_poll_wait" 2018-11-04 14:50:51 +01:00
kcm kcm: switch order of device registration to fix a crash 2019-04-17 08:38:40 +02:00
key af_key: fix leaks in key_pol_get_resp and dump_sp. 2019-07-26 09:14:01 +02:00
l2tp compat_ioctl: pppoe: fix PPPOEIOCSFWD handling 2019-08-09 17:52:34 +02:00
l3mdev
lapb lapb: fixed leak of control-blocks. 2019-06-22 08:15:13 +02:00
llc llc: avoid blocking in llc_sap_close() 2019-11-20 18:46:35 +01:00
mac80211 mac80211: fix station inactive_time shortly after boot 2019-12-05 09:19:46 +01:00
mac802154 net: mac802154: tx: expand tailroom if necessary 2018-08-06 11:21:37 +02:00
mpls mpls: Return error for RTA_GATEWAY attribute 2019-03-10 07:17:19 +01:00
ncsi net/ncsi: Fixup .dumpit message flags and ID check in Netlink handler 2018-08-22 21:39:08 -07:00
netfilter netfilter: nf_nat_sip: fix RTP/RTCP source port translations 2019-12-05 09:20:31 +01:00
netlabel netlabel: fix out-of-bounds memory accesses 2019-03-10 07:17:18 +01:00
netlink genetlink: Fix a memory leak on error path 2019-04-03 06:26:15 +02:00
netrom netrom: hold sock when setting skb->destructor 2019-07-28 08:29:27 +02:00
nfc nfc: netlink: fix double device reference drop 2019-11-12 19:20:30 +01:00
nsh nsh: set mac len based on inner packet 2018-07-12 16:55:29 -07:00
openvswitch openvswitch: fix linking without CONFIG_NF_CONNTRACK_LABELS 2019-12-01 09:17:16 +01:00
packet net/packet: fix race in tpacket_snd() 2019-08-25 10:48:04 +02:00
phonet net: use skb_queue_empty_lockless() in poll() handlers 2019-11-10 11:27:48 +01:00
psample net: sched: act_sample: fix psample group handling on overwrite 2019-09-10 10:33:38 +01:00
qrtr net: qrtr: Stop rx_worker before freeing node 2019-10-05 13:09:27 +02:00
rds net/rds: Fix error handling in rds_ib_add_one() 2019-10-07 18:57:24 +02:00
rfkill Here are quite a large number of fixes, notably: 2018-09-03 22:12:02 -07:00
rose net/rose: fix unbound loop in rose_loopback_timer() 2019-05-02 09:59:00 +02:00
rxrpc rxrpc: Fix trace-after-put looking at the put peer record 2019-11-06 13:06:24 +01:00
sched net: sched: ensure opts_len <= IP_TUNNEL_OPTS_MAX in act_tunnel_key 2019-12-01 09:16:06 +01:00
sctp sctp: use sk_wmem_queued to check for writable space 2019-12-01 09:16:39 +01:00
smc net/smc: make sure EPOLLOUT is raised 2019-09-06 10:22:06 +02:00
strparser net: strparser: partially revert "strparser: Call skb_unclone conditionally" 2019-05-16 19:41:27 +02:00
sunrpc sunrpc: safely reallow resvport min/max inversion 2019-12-01 09:16:41 +01:00
switchdev
tipc net: use skb_queue_empty_lockless() in poll() handlers 2019-11-10 11:27:48 +01:00
tls net: tls, fix sk_write_space NULL write when tx disabled 2019-09-06 10:22:04 +02:00
unix net: fix warning in af_unix 2019-12-01 09:16:33 +01:00
vmw_vsock VSOCK: bind to random port for VMADDR_PORT_ANY 2019-12-05 09:20:19 +01:00
wimax wimax: remove blank lines at EOF 2018-07-24 14:10:42 -07:00
wireless cfg80211: call disconnect_wk when AP stops 2019-12-01 09:17:34 +01:00
x25 net/x25: fix a race in x25_bind() 2019-03-19 13:12:40 +01:00
xdp xsk: proper AF_XDP socket teardown ordering 2019-11-24 08:20:32 +01:00
xfrm xfrm: use correct size to initialise sp->ovec 2019-11-24 08:20:31 +01:00
compat.c sock: Make sock->sk_stamp thread-safe 2019-01-09 17:38:33 +01:00
Kconfig net: remove blank lines at end of file 2018-07-24 14:10:43 -07:00
Makefile bpfilter: check compiler capability in Kconfig 2018-06-28 13:36:39 +09:00
socket.c net: socket: set sock->sk to NULL after calling proto_ops::release() 2019-03-10 07:17:18 +01:00
sysctl_net.c