Age | Commit message (Collapse) | Author |
|
|
|
PiperOrigin-RevId: 334652998
|
|
|
|
PiperOrigin-RevId: 334531794
|
|
|
|
As per relevant IP RFCS (see code comments), broadcast (for IPv4) and
multicast addresses are not allowed. Currently checks for these are
done at the transport layer, but since it is explicitly forbidden at
the IP layers, check for them there.
This change also removes the UDP.InvalidSourceAddress stat since there
is no longer a need for it.
Test: ip_test.TestSourceAddressValidation
PiperOrigin-RevId: 334490971
|
|
|
|
Like matchers, targets should use a module-like register/lookup system. This
replaces the brittle switch statements we had before.
The only behavior change is supporing IPT_GET_REVISION_TARGET. This makes it
much easier to add IPv6 redirect in the next change.
Updates #3549.
PiperOrigin-RevId: 334469418
|
|
|
|
PiperOrigin-RevId: 334428344
|
|
|
|
|
|
|
|
PiperOrigin-RevId: 334263322
|
|
|
|
Updates #1663
PiperOrigin-RevId: 333539293
|
|
VFS2 socket record is not removed from the system-wide
socket table when the socket is released, which will lead
to a memory leak. This patch fixes this issue.
Fixes: #3874
Signed-off-by: Tiwei Bie <tiwei.btw@antgroup.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
PiperOrigin-RevId: 332760843
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
PiperOrigin-RevId: 332486383
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
`ip6tables -t filter` is now usable. NAT support will come in a future CL.
#3549
PiperOrigin-RevId: 332381801
|