/[linux-patches]/genpatches-2.6/trunk/2.6.12/1905_netfilter-conntrack.patch
Gentoo

Contents of /genpatches-2.6/trunk/2.6.12/1905_netfilter-conntrack.patch

Parent Directory Parent Directory | Revision Log Revision Log


Revision 88 - (show annotations) (download)
Tue Jul 12 12:50:35 2005 UTC (13 years, 4 months ago) by dsd
File size: 2212 byte(s)
Revert bridge fix; Fix buggy conntrack behaviour
1 [NETFILTER]: Revert nf_reset change
2
3 Revert the nf_reset change that caused so much trouble, drop conntrack
4 references manually before packets are queued to packet sockets.
5
6 Adapted for 2.6.12 by Daniel Drake <dsd@gentoo.org>
7
8 Signed-off-by: Phil Oester <kernel@linuxace.com>
9 Signed-off-by: Patrick McHardy <kaber@trash.net>
10
11 --- linux-2.6.12/net/ipv4/ip_output.c_orig 2005-07-12 13:42:56.000000000 +0100
12 +++ linux-2.6.12/net/ipv4/ip_output.c 2005-07-12 13:46:03.000000000 +0100
13 @@ -111,7 +111,6 @@ static int ip_dev_loopback_xmit(struct s
14 #ifdef CONFIG_NETFILTER_DEBUG
15 nf_debug_ip_loopback_xmit(newskb);
16 #endif
17 - nf_reset(newskb);
18 netif_rx(newskb);
19 return 0;
20 }
21 @@ -196,8 +195,6 @@ static inline int ip_finish_output2(stru
22 nf_debug_ip_finish_output2(skb);
23 #endif /*CONFIG_NETFILTER_DEBUG*/
24
25 - nf_reset(skb);
26 -
27 if (hh) {
28 int hh_alen;
29
30 --- linux-2.6.12/net/ipv4/netfilter/ip_conntrack_standalone.c_orig 2005-07-12 13:43:16.000000000 +0100
31 +++ linux-2.6.12/net/ipv4/netfilter/ip_conntrack_standalone.c 2005-07-12 13:47:44.000000000 +0100
32 @@ -432,6 +432,13 @@ static unsigned int ip_conntrack_defrag(
33 const struct net_device *out,
34 int (*okfn)(struct sk_buff *))
35 {
36 +#if !defined(CONFIG_IP_NF_NAT) && !defined(CONFIG_IP_NF_NAT_MODULE)
37 + /* Previously seen (loopback)? Ignore. Do this before
38 + fragment check. */
39 + if ((*pskb)->nfct)
40 + return NF_ACCEPT;
41 +#endif
42 +
43 /* Gather fragments. */
44 if ((*pskb)->nh.iph->frag_off & htons(IP_MF|IP_OFFSET)) {
45 *pskb = ip_ct_gather_frags(*pskb,
46 --- linux-2.6.12/net/packet/af_packet.c_orig 2005-07-12 13:47:38.000000000 +0100
47 +++ linux-2.6.12/net/packet/af_packet.c 2005-07-12 13:47:44.000000000 +0100
48 @@ -274,6 +274,9 @@ static int packet_rcv_spkt(struct sk_buf
49 dst_release(skb->dst);
50 skb->dst = NULL;
51
52 + /* drop conntrack reference */
53 + nf_reset(skb);
54 +
55 spkt = (struct sockaddr_pkt*)skb->cb;
56
57 skb_push(skb, skb->data-skb->mac.raw);
58 @@ -517,6 +520,9 @@ static int packet_rcv(struct sk_buff *sk
59 dst_release(skb->dst);
60 skb->dst = NULL;
61
62 + /* drop conntrack reference */
63 + nf_reset(skb);
64 +
65 spin_lock(&sk->sk_receive_queue.lock);
66 po->stats.tp_packets++;
67 __skb_queue_tail(&sk->sk_receive_queue, skb);

  ViewVC Help
Powered by ViewVC 1.1.20