]> git.proxmox.com Git - mirror_ubuntu-jammy-kernel.git/commit
projects / mirror_ubuntu-jammy-kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 310e2d4) | patch
netfilter: conntrack: make max chain length random
authorFlorian Westphal <fw@strlen.de>
Wed, 8 Sep 2021 12:28:35 +0000 (14:28 +0200)
committerPablo Neira Ayuso <pablo@netfilter.org>
Tue, 21 Sep 2021 01:46:55 +0000 (03:46 +0200)
commitc9c3b6811f7429b8c292de5774cea67f3a033eb2
treeedca5cd570b3f5dc88766ea80db2e14d78c45f47tree
parent310e2d43c3ad429c1fba4b175806cf1f55ed73a6commit | diff
netfilter: conntrack: make max chain length random

Similar to commit 67d6d681e15b
("ipv4: make exception cache less predictible"):

Use a random drop length to make it harder to detect when entries were
hashed to same bucket list.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/netfilter/nf_conntrack_core.c diff | blob | blame | history
Ubuntu Jammy Linux kernel mirror