archives/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-03-08 01:04:41 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

netfilter: nf_conntrack: enable icmp clash support

Browse source 
Not strictly required, but should not be harmful either:
This isn't a stateful protocol, hence clash resolution should work fine.

Signed-off-by: Florian Westphal <fw@strlen.de>
This commit is contained in:
Florian Westphal 2025-11-19 20:36:41 +01:00
parent 21d033e472
commit f7becf0dad
2 changed files with 2 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
net/netfilter/nf_conntrack_proto_icmp.c
View file

@ -365,6 +365,7 @@ void nf_conntrack_icmp_init_net(struct net *net)
const struct nf_conntrack_l4proto nf_conntrack_l4proto_icmp =
{
.l4proto = IPPROTO_ICMP,
.allow_clash = true,
#if IS_ENABLED(CONFIG_NF_CT_NETLINK)
.tuple_to_nlattr = icmp_tuple_to_nlattr,
.nlattr_tuple_size = icmp_nlattr_tuple_size,

1
net/netfilter/nf_conntrack_proto_icmpv6.c
View file

@ -343,6 +343,7 @@ void nf_conntrack_icmpv6_init_net(struct net *net)
const struct nf_conntrack_l4proto nf_conntrack_l4proto_icmpv6 =
{
.l4proto = IPPROTO_ICMPV6,
.allow_clash = true,
#if IS_ENABLED(CONFIG_NF_CT_NETLINK)
.tuple_to_nlattr = icmpv6_tuple_to_nlattr,
.nlattr_tuple_size = icmpv6_nlattr_tuple_size,