Commit:     ffed53d25bf36efb0571f7d9109f2e95df7f8b33
Parent:     8c82d8df7060221f131c9ca5352fb613c14f857a
Author:     Patrick McHardy <[EMAIL PROTECTED]>
AuthorDate: Tue Jan 9 14:33:49 2007 -0800
Committer:  David S. Miller <[EMAIL PROTECTED]>
CommitDate: Tue Jan 9 14:33:49 2007 -0800

    [NETFILTER]: nf_nat: fix hanging connections when loading the NAT module
    When loading the NAT module, existing connection tracking entries don't
    have room for NAT information allocated and packets are dropped, causing
    hanging connections. They really should be entered into the NAT table
    as NULL mappings, but the current allocation scheme doesn't allow this.
    For now simply accept those packets to avoid the hanging connections.
    Signed-off-by: Patrick McHardy <[EMAIL PROTECTED]>
    Signed-off-by: David S. Miller <[EMAIL PROTECTED]>
 net/ipv4/netfilter/nf_nat_standalone.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/net/ipv4/netfilter/nf_nat_standalone.c 
index 730a7a4..00d6dea 100644
--- a/net/ipv4/netfilter/nf_nat_standalone.c
+++ b/net/ipv4/netfilter/nf_nat_standalone.c
@@ -123,7 +123,7 @@ nf_nat_fn(unsigned int hooknum,
        nat = nfct_nat(ct);
        if (!nat)
-               return NF_DROP;
+               return NF_ACCEPT;
        switch (ctinfo) {
        case IP_CT_RELATED:
To unsubscribe from this list: send the line "unsubscribe git-commits-head" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at

Reply via email to