Commit e9d572d9 authored by David S. Miller's avatar David S. Miller


Pablo Neira Ayuso says:

====================
Netfilter fixes for net

The following patchset contains Netfilter fixes for net:

1) Do not delete clash entries on reply, let them expire instead,
   from Florian Westphal.

2) Do not report EAGAIN to nfnetlink, otherwise this enters a busy loop.
   Update nfnetlink_unicast() to translate EAGAIN to ENOBUFS.

3) Remove repeated words in code comments, from Randy Dunlap.

4) Several patches for the flowtable selftests, from Fabian Frederick.
====================

Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parents bb8872a1 c4617214
+1 −2
@@ -43,8 +43,7 @@ int nfnetlink_has_listeners(struct net *net, unsigned int group);
int nfnetlink_send(struct sk_buff *skb, struct net *net, u32 portid,
		   unsigned int group, int echo, gfp_t flags);
int nfnetlink_set_err(struct net *net, u32 portid, u32 group, int error);
int nfnetlink_unicast(struct sk_buff *skb, struct net *net, u32 portid,
		      int flags);
int nfnetlink_unicast(struct sk_buff *skb, struct net *net, u32 portid);

static inline u16 nfnl_msg_type(u8 subsys, u8 msg_type)
{
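Review bot: The new one-argument prototype of nfnetlink_unicast() carries no comment describing the behaviour that replaced the caller-supplied flags, so a reader of this header cannot tell that the function now decides blocking behaviour itself and that a would-block condition is reported as -ENOBUFS rather than -EAGAIN, as the merge description states. A one-line comment above the declaration would make that contract visible where callers look for it, e.g. `/* Unicast skb to portid; a would-block socket error is returned as -ENOBUFS, never -EAGAIN. */`. Any caller still passing a flags argument elsewhere in the tree would now fail to compile, which I assume the rest of the series addresses; the two-line nfnl_msg_type() at the bottom of the hunk continues outside it.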
+1 −1
@@ -3,7 +3,7 @@
 * nf_nat_pptp.c
 *
 * NAT support for PPTP (Point to Point Tunneling Protocol).
 * PPTP is a a protocol for creating virtual private networks.
 * PPTP is a protocol for creating virtual private networks.
 * It is a specification defined by Microsoft and some vendors
 * working with Microsoft.  PPTP is built on top of a modified
 * version of the Internet Generic Routing Encapsulation Protocol.
+1 −1
// SPDX-License-Identifier: GPL-2.0-only
/*
 * Connection tracking support for PPTP (Point to Point Tunneling Protocol).
 * PPTP is a a protocol for creating virtual private networks.
 * PPTP is a protocol for creating virtual private networks.
 * It is a specification defined by Microsoft and some vendors
 * working with Microsoft.  PPTP is built on top of a modified
 * version of the Internet Generic Routing Encapsulation Protocol.
+1 −1
@@ -1152,7 +1152,7 @@ int nf_conntrack_tcp_packet(struct nf_conn *ct,
		   && (old_state == TCP_CONNTRACK_SYN_RECV
		       || old_state == TCP_CONNTRACK_ESTABLISHED)
		   && new_state == TCP_CONNTRACK_ESTABLISHED) {
		/* Set ASSURED if we see see valid ack in ESTABLISHED
		/* Set ASSURED if we see valid ack in ESTABLISHED
		   after SYN_RECV or a valid answer for a picked up
		   connection. */
		set_bit(IPS_ASSURED_BIT, &ct->status);
+10 −16
@@ -81,18 +81,6 @@ static bool udp_error(struct sk_buff *skb,
	return false;
}

static void nf_conntrack_udp_refresh_unreplied(struct nf_conn *ct,
					       struct sk_buff *skb,
					       enum ip_conntrack_info ctinfo,
					       u32 extra_jiffies)
{
	if (unlikely(ctinfo == IP_CT_ESTABLISHED_REPLY &&
		     ct->status & IPS_NAT_CLASH))
		nf_ct_kill(ct);
	else
		nf_ct_refresh_acct(ct, ctinfo, skb, extra_jiffies);
}

/* Returns verdict for packet, and may modify conntracktype */
int nf_conntrack_udp_packet(struct nf_conn *ct,
			    struct sk_buff *skb,
@@ -124,12 +112,15 @@ int nf_conntrack_udp_packet(struct nf_conn *ct,

		nf_ct_refresh_acct(ct, ctinfo, skb, extra);

		/* never set ASSURED for IPS_NAT_CLASH, they time out soon */
		if (unlikely((ct->status & IPS_NAT_CLASH)))
			return NF_ACCEPT;

		/* Also, more likely to be important, and not a probe */
		if (!test_and_set_bit(IPS_ASSURED_BIT, &ct->status))
			nf_conntrack_event_cache(IPCT_ASSURED, ct);
	} else {
		nf_conntrack_udp_refresh_unreplied(ct, skb, ctinfo,
						   timeouts[UDP_CT_UNREPLIED]);
		nf_ct_refresh_acct(ct, ctinfo, skb, timeouts[UDP_CT_UNREPLIED]);
	}
	return NF_ACCEPT;
}
@@ -206,12 +197,15 @@ int nf_conntrack_udplite_packet(struct nf_conn *ct,
	if (test_bit(IPS_SEEN_REPLY_BIT, &ct->status)) {
		nf_ct_refresh_acct(ct, ctinfo, skb,
				   timeouts[UDP_CT_REPLIED]);

		if (unlikely((ct->status & IPS_NAT_CLASH)))
			return NF_ACCEPT;

		/* Also, more likely to be important, and not a probe */
		if (!test_and_set_bit(IPS_ASSURED_BIT, &ct->status))
			nf_conntrack_event_cache(IPCT_ASSURED, ct);
	} else {
		nf_conntrack_udp_refresh_unreplied(ct, skb, ctinfo,
						   timeouts[UDP_CT_UNREPLIED]);
		nf_ct_refresh_acct(ct, ctinfo, skb, timeouts[UDP_CT_UNREPLIED]);
	}
	return NF_ACCEPT;
}
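Review bot: The early return for IPS_NAT_CLASH entries in nf_conntrack_udplite_packet() (third hunk) has no explanation, while the identical check added to nf_conntrack_udp_packet() in the second hunk is prefaced by `/* never set ASSURED for IPS_NAT_CLASH, they time out soon */`; the same comment should precede the udplite check so the rationale does not live in only one of two copies. With nf_conntrack_udp_refresh_unreplied() removed, clash entries are now kept alive with the normal UNREPLIED or REPLIED timeout instead of being killed on the first reply, and the only thing preventing them from becoming long-lived is that they never reach the ASSURED bit; a short comment at the else branch stating that clash entries are intentionally left to expire would help the next maintainer who sees the refresh path treat them like any other entry. Minor style point on both new checks: the extra parentheses in `if (unlikely((ct->status & IPS_NAT_CLASH)))` are redundant, `if (unlikely(ct->status & IPS_NAT_CLASH))` reads the same. Both enclosing functions begin outside their hunks.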