06 Jun, 2011
1 commit
-
Following error is raised (and other similar ones) :
net/ipv4/netfilter/nf_nat_standalone.c: In function ‘nf_nat_fn’:
net/ipv4/netfilter/nf_nat_standalone.c:119:2: warning: case value ‘4’
not in enumerated type ‘enum ip_conntrack_info’gcc barfs on adding two enum values and getting a not enumerated
result :case IP_CT_RELATED+IP_CT_IS_REPLY:
Add missing enum values
Signed-off-by: Eric Dumazet
CC: David Miller
Signed-off-by: Pablo Neira Ayuso
18 May, 2011
1 commit
16 May, 2011
2 commits
-
Some Cisco phones do not place the Content-Length field at the end of the
SIP message. This is valid, due to a misunderstanding of the specification
the parser expects the SDP body to start directly after the Content-Length
field. Fix the parser to scan for \r\n\r\n to locate the beginning of the
SDP body.Reported-by: Teresa Kang
Signed-off-by: Patrick McHardy -
Verify that the message length of a single SIP message, which is calculated
based on the Content-Length field contained in the SIP message, does not
exceed the packet boundaries.Signed-off-by: Patrick McHardy
31 Mar, 2011
1 commit
-
Fixes generated by 'codespell' and manually reviewed.
Signed-off-by: Lucas De Marchi
21 Oct, 2010
1 commit
04 Oct, 2010
2 commits
-
Signed-off-by: Simon Horman
Acked-by: Julian Anastasov -
Signed-off-by: Simon Horman
Acked-by: Julian Anastasov
23 Sep, 2010
1 commit
-
I initially noticed this because of the compiler warning below, but it
does seem to be a valid concern in the case where ct_sip_get_header()
returns 0 in the first iteration of the while loop.net/netfilter/nf_conntrack_sip.c: In function 'sip_help_tcp':
net/netfilter/nf_conntrack_sip.c:1379: warning: 'ret' may be used uninitialized in this functionSigned-off-by: Simon Horman
[Patrick: changed NF_DROP to NF_ACCEPT]
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
15 May, 2010
1 commit
-
Handle non-linear skbs by linearizing them instead of silently failing.
Long term the helper should be fixed to either work with non-linear skbs
directly by using the string search API or work on a copy of the data.Based on patch by Jason Gunthorpe
Signed-off-by: Patrick McHardy
13 May, 2010
1 commit
-
Make sure all printk messages have a severity level.
Signed-off-by: Stephen Hemminger
Signed-off-by: Patrick McHardy
08 Mar, 2010
1 commit
-
Conflicts:
Documentation/filesystems/proc.txt
arch/arm/mach-u300/include/mach/debug-macro.S
drivers/net/qlge/qlge_ethtool.c
drivers/net/qlge/qlge_main.c
drivers/net/typhoon.c
16 Feb, 2010
1 commit
-
Normally, each connection needs a unique identity. Conntrack zones allow
to specify a numerical zone using the CT target, connections in different
zones can use the same identity.Example:
iptables -t raw -A PREROUTING -i veth0 -j CT --zone 1
iptables -t raw -A OUTPUT -o veth1 -j CT --zone 1Signed-off-by: Patrick McHardy
11 Feb, 2010
6 commits
-
Signed-off-by: Patrick McHardy
-
Add support for mangling TCP SIP packets.
Signed-off-by: Patrick McHardy
-
Add TCP support, which is mandated by RFC3261 for all SIP elements.
SIP over TCP is similar to UDP, except that messages are delimited
by Content-Length: headers and multiple messages may appear in one
packet.Signed-off-by: Patrick McHardy
-
When using TCP multiple SIP messages might be present in a single packet.
A following patch will parse them by setting the dptr to the beginning of
each message. The NAT helper needs to reload the dptr value after mangling
the packet however, so it needs to know the offset of the message to the
beginning of the packet.Signed-off-by: Patrick McHardy
-
When requests are parsed, the "sip:" part of the SIP URI should be skipped.
Usually this doesn't matter because address parsing skips forward until after
the username part, but in case REGISTER requests it doesn't contain a username
and the address can not be parsed.Signed-off-by: Patrick McHardy
-
Make the output a bit more informative by showing the helper an expectation
belongs to and the expectation class.Signed-off-by: Patrick McHardy
09 Feb, 2010
1 commit
-
In particular, several occurances of funny versions of 'success',
'unknown', 'therefore', 'acknowledge', 'argument', 'achieve', 'address',
'beginning', 'desirable', 'separate' and 'necessary' are fixed.Signed-off-by: Daniel Mack
Cc: Joe Perches
Cc: Junio C Hamano
Signed-off-by: Jiri Kosina
20 Jan, 2010
1 commit
-
In a string like "v:SIP/2.0..." it was checking for !isalpha('S') when it
meant to be inspecting the ':'.Patch by Greg Alexander
Signed-off-by: Patrick McHardy
17 Nov, 2008
1 commit
-
This patch adds the macro MODULE_ALIAS_NFCT_HELPER that defines a
way to provide generic and persistent aliases for the connection
tracking helpers.This next patch requires this patch.
Signed-off-by: Pablo Neira Ayuso
Signed-off-by: Patrick McHardy
08 Oct, 2008
2 commits
-
Signed-off-by: Alexey Dobriyan
Signed-off-by: Patrick McHardy -
Make per-netns a) expectation hash and b) expectations count.
Expectations always belongs to netns to which it's master conntrack belong.
This is natural and doesn't bloat expectation.Proc files and leaf users are stubbed to init_net, this is temporary.
Signed-off-by: Alexey Dobriyan
Signed-off-by: Patrick McHardy
08 Sep, 2008
1 commit
-
Helper's ->help hook can run concurrently with itself, so iterating over
SIP helpers with static pointer won't work reliably.Signed-off-by: Alexey Dobriyan
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
08 May, 2008
1 commit
-
Some Inovaphone PBXs exhibit very stange behaviour: when dialing for
example "123", the device sends INVITE requests for "1", "12" and
"123" back to back. The first requests will elicit error responses
from the receiver, causing the SIP helper to flush the RTP
expectations even though we might still see a positive response.Note the sequence number of the last INVITE request that contained a
media description and only flush the expectations when receiving a
negative response for that sequence number.Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
20 Apr, 2008
1 commit
-
Reported by Ingo Molnar.
The SIP helper is also useful without NAT. This patch adds an ifdef
around the RTP call optimization for NATed clients.Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
14 Apr, 2008
2 commits
-
Add accessors for l3num and protonum and get rid of some overly long
expressions.Signed-off-by: Patrick McHardy
-
Some callers pass uninitialized structures, clear the address to make
sure later comparisions work properly.Signed-off-by: Patrick McHardy
26 Mar, 2008
11 commits
-
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
Optimize call routing between NATed endpoints: when an external
registrar sends a media description that contains an existing RTP
expectation from a different SNATed connection, the gatekeeper
is trying to route the call directly between the two endpoints.We assume both endpoints can reach each other directly and
"un-NAT" the addresses, which makes the media stream go between
the two endpoints directly.Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
Add support for multiple media channels and use it to create
expectations for video streams when present.Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
The SDP connection addresses may be contained in the payload multiple
times (in the session description and/or once per media description),
currently only the session description is properly updated. Split up
SDP mangling so the function setting up expectations only updates the
media port, update connection addresses from media descriptions while
parsing them and at the end update the session description when the
final addresses are known.Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
Create expectations for the RTCP connections in addition to RTP connections.
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
Media streams can come from anywhere, add a module parameter which
controls whether wildcard expectations or expectations between the
two signalling endpoints are created.Since the same media description sent on multiple connections may
results in multiple identical expections when using a wildcard source,
we need to check whether a similar expectation already exists for a
different connection before attempting to register it.Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
Create expectations for incoming signalling connections when seeing
a REGISTER request. This is needed when the registrar uses a
different source port number for signalling messages and for receiving
incoming calls from other endpoints than the registrar.Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
Introduce URI and header parameter parsing helpers. These are needed
by the conntrack helper to parse expiration values in Contact: header
parameters and by the NAT helper to properly update the Via-header
rport=, received= and maddr= parameters.Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
Flush the RTP expectations we've created when a call is hung up or
terminated otherwise.Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
Both may contains SDP offers/answers.
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
Perform NAT last after parsing the packet. This makes no difference
currently, but is needed when dealing with registrations to make
sure we seen the unNATed addresses.Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller