ChangeSet 1.1448.114.7, 2005/03/04 01:03:49+01:00, [EMAIL PROTECTED]
[NETFILTER]: Fix refreshing of overlapping expectations
Backport from 2.6, original patch from Rusty:
More importantly, a previous expectation should only be refreshed and
return
EEXIST if it's owned by the same connection (nfsim found this bug).
Slightly different from 2.6 patch, it had a bug that was corrected
in a different patch. We still want to return -EEXIST if the
expectation is owned by a different connection as the expectation
list is global.
Signed-off-by: Patrick McHardy <[EMAIL PROTECTED]>
ip_conntrack_core.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletion(-)
diff -Nru a/net/ipv4/netfilter/ip_conntrack_core.c
b/net/ipv4/netfilter/ip_conntrack_core.c
--- a/net/ipv4/netfilter/ip_conntrack_core.c 2005-03-25 17:02:54 -08:00
+++ b/net/ipv4/netfilter/ip_conntrack_core.c 2005-03-25 17:02:54 -08:00
@@ -973,7 +973,8 @@
pointing into the payload - otherwise we should have to copy
the data filled out by the helper over the old one */
DEBUGP("expect_related: resent packet\n");
- if (related_to->helper->timeout) {
+ if (old->expectant == related_to &&
+ related_to->helper->timeout) {
if (!del_timer(&old->timeout)) {
/* expectation is dying. Fall through */
old = NULL;
-
To unsubscribe from this list: send the line "unsubscribe bk-commits-24" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
