commit 190ff5b3a168b666925897558998b5d97fec8731
Merge: 6fd6b17... 2e55302...
Author: Linus Torvalds <torvalds@woody.linux-foundation.org>
Date:   Wed Jan 31 16:58:12 2007 -0800

    Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
    
    * master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6:
      [NETFILTER]: xt_hashlimit: fix ip6tables dependency
      [SCTP]: Force update of the rto when processing HB-ACK
      [IPV6]: fix BUG of ndisc_send_redirect()
      [IPV6]: Fix up some CONFIG typos
      [NETFILTER]: SIP conntrack: fix out of bounds memory access
      [NETFILTER]: SIP conntrack: fix skipping over user info in SIP headers
      [NETFILTER]: xt_connbytes: fix division by zero
      [MAINTAINERS]: netfilter@ is subscribers-only

commit 6fd6b17c6d9713f56b5f20903ec3e00fa6cc435e
Author: Linus Torvalds <torvalds@woody.linux-foundation.org>
Date:   Wed Jan 31 16:43:36 2007 -0800

    Revert "[PATCH] mm: micro optimise zone_watermark_ok"
    
    This reverts commit e80ee884ae0e3794ef2b65a18a767d502ad712ee.
    
    Pawel Sikora had a boot-time oops due to it - because the sign change
    invalidates the following comparisons, since 'free_pages' can be
    negative.
    
    The micro-optimization just isn't worth it.
    
    Bisected-by: Pawel Sikora <pluto@agmk.net>
    Acked-by: Andrew Morton <akpm@osdl.org>
    Cc: Nick Piggin <nickpiggin@yahoo.com.au>
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

commit 2e5530236645a042e1481aa19879b819c3e8f5c9
Author: Patrick McHardy <kaber@trash.net>
Date:   Tue Jan 30 21:36:09 2007 -0800

    [NETFILTER]: xt_hashlimit: fix ip6tables dependency
    
    IP6_NF_IPTABLES=m, CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=y results in a
    linker error since ipv6_find_hdr is defined in ip6_tables.c. Fix similar
    to Adrian Bunk's H.323 conntrack patch: selecting ip6_tables to be build
    as module requires hashlimit to be built as module as well.
    
    Signed-off-by: Patrick McHardy <kaber@trash.net>
    Signed-off-by: David S. Miller <davem@davemloft.net>

commit e533ca16f31f9e5abfaf5d8c7dbe7095f01474b6
Author: Vlad Yasevich <vladislav.yasevich@hp.com>
Date:   Tue Jan 30 14:36:14 2007 -0800

    [SCTP]: Force update of the rto when processing HB-ACK
    
    When processing a HEARTBEAT-ACK it's possible that the transport rto
    timers will not be updated because a prior T3-RTX processing would
    have cleared the rto_pending flag on the transport.  However, if
    we received a valid HEARTBEAT-ACK, we want to force update the
    rto variables, so re-set the rto_pending flag before calling
    sctp_transport_update_rto().
    
    Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
    Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
    Signed-off-by: David S. Miller <davem@davemloft.net>

commit 29556526b970c2e7d4ca808b6082c33981adfdff
Author: Li Yewang <lyw@nanjing-fnst.com>
Date:   Tue Jan 30 14:33:20 2007 -0800

    [IPV6]: fix BUG of ndisc_send_redirect()
    
      When I tested IPv6 redirect function about kernel 2.6.19.1, and found
    that the kernel can send redirect packets whose target address is global
    address, and the target is not the actual endpoint of communication.
    
      But the criteria conform to RFC2461, the target address defines as
    following:
    
      Target Address An IP address that is a better first hop to use for
                     he ICMP Destination Address.  When the target is
                     the actual endpoint of communication, i.e., the
                     destination is a neighbor, the Target Address field
                     MUST contain the same value as the ICMP Destination
                     Address field.  Otherwise the target is a better
                     first-hop router and the Target Address MUST be the
                     router's link-local address so that hosts can
                     uniquely identify routers.
    
    According to this definition, when a router redirect to a host, the
    target address either the better first-hop router's link-local address
    or the same as the ICMP destination address field. But the function of
    ndisc_send_redirect() in net/ipv6/ndisc.c, does not check the target
    address correctly.
    
    There is another definition about receive Redirect message in RFC2461:
    
    8.1.  Validation of Redirect Messages
    
       A host MUST silently discard any received Redirect message that does
       not satisfy all of the following validity checks:
       ......
       - The ICMP Target Address is either a link-local address (when
         redirected to a router) or the same as the ICMP Destination
         Address (when redirected to the on-link destination).
       ......
    
    And the receive redirect function of ndisc_redirect_rcv() implemented
    this definition, checks the target address correctly.
        if (ipv6_addr_equal(dest, target)) {
            on_link = 1;
        } else if (!(ipv6_addr_type(target) & IPV6_ADDR_LINKLOCAL)) {
            ND_PRINTK2(KERN_WARNING
                   "ICMPv6 Redirect: target address is not link-local.\n");
            return;
        }
    
    So, I think the send redirect function must check the target address
    also.
    
    Signed-off-by: Li Yewang <lyw@nanjing-fnst.com>
    Acked-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
    Signed-off-by: David S. Miller <davem@davemloft.net>

commit fa03ef38e1516c1f35f6a189100186dded0f8f8c
Author: Neil Horman <nhorman@tuxdriver.com>
Date:   Tue Jan 30 14:30:10 2007 -0800

    [IPV6]: Fix up some CONFIG typos
    
    Signed-off-by: Neil Horman <nhorman@tuxdriver.com>
    Signed-off-by: David S. Miller <davem@davemloft.net>

commit adcb4711101dfef89d473f64a913089d303962ae
Author: Patrick McHardy <kaber@trash.net>
Date:   Tue Jan 30 14:25:24 2007 -0800

    [NETFILTER]: SIP conntrack: fix out of bounds memory access
    
    When checking for an @-sign in skp_epaddr_len, make sure not to
    run over the packet boundaries.
    
    Signed-off-by: Patrick McHardy <kaber@trash.net>
    Signed-off-by: David S. Miller <davem@davemloft.net>

commit 7da5bfbb12e327b3a347ee3e076957cd6564eb56
Author: Lars Immisch <lars@ibp.de>
Date:   Tue Jan 30 14:24:57 2007 -0800

    [NETFILTER]: SIP conntrack: fix skipping over user info in SIP headers
    
    When trying to skip over the username in the Contact header, stop at the
    end of the line if no @ is found to avoid mangling following headers.
    We don't need to worry about continuation lines because we search inside
    a SIP URI.
    
    Fixes Netfilter Bugzilla #532.
    
    Signed-off-by: Lars Immisch <lars@ibp.de>
    Signed-off-by: Patrick McHardy <kaber@trash.net>
    Signed-off-by: David S. Miller <davem@davemloft.net>

commit fb74a8416022c033e1a950689c264c453f8f98d8
Author: Patrick McHardy <kaber@trash.net>
Date:   Tue Jan 30 14:24:29 2007 -0800

    [NETFILTER]: xt_connbytes: fix division by zero
    
    When the packet counter of a connection is zero a division by zero
    occurs in div64_64(). Fix that by using zero as average value, which
    is correct as long as the packet counter didn't overflow, at which
    point we have lost anyway.
    
    Additionally we're probably going to go back to 64 bit counters
    in 2.6.21.
    
    Based on patch from Jonas Berlin <xkr47@outerspace.dyndns.org>,
    with suggestions from KOVACS Krisztian <hidden@balabit.hu>.
    
    Signed-off-by: Patrick McHardy <kaber@trash.net>
    Signed-off-by: David S. Miller <davem@davemloft.net>

commit 24a1dec55073000264f2da6278baef759929a14f
Author: Randy Dunlap <randy.dunlap@oracle.com>
Date:   Sun Jan 28 15:54:42 2007 -0800

    [MAINTAINERS]: netfilter@ is subscribers-only
    
    netfilter mailing list is subscribers-only.
    
    Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
    Signed-off-by: David S. Miller <davem@davemloft.net>