projects / platform / kernel / linux-rpi.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d3ad2c1) | patch
netfilter: conntrack: don't log "invalid" icmpv6 connections
authorFlorian Westphal <fw@strlen.de>
Fri, 25 Aug 2017 00:59:41 +0000 (02:59 +0200)
committerPablo Neira Ayuso <pablo@netfilter.org>
Mon, 28 Aug 2017 15:53:56 +0000 (17:53 +0200)
commite2f387d2df0ece6d4418bb09bef7802cfaf7142d
tree6e1023331ae5942fd03e626524e608de0d03f522tree | snapshot
parentd3ad2c17b4047747bcec074814c08b00795afc85commit | diff
netfilter: conntrack: don't log "invalid" icmpv6 connections

When enabling logging for invalid connections we currently also log most
icmpv6 types, which we don't track intentionally (e.g. neigh discovery).
"invalid" should really mean "invalid", i.e. short header or bad checksum.

We don't do any logging for icmp(v4) either, its just useless noise.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c diff | blob | history
Domain: System / Kernel;