Commit ffed53d2 authored Jan 09, 2007 by Patrick McHardy Committed by David S. Miller Jan 09, 2007

[NETFILTER]: nf_nat: fix hanging connections when loading the NAT module

When loading the NAT module, existing connection tracking entries don't
have room for NAT information allocated and packets are dropped, causing
hanging connections. They really should be entered into the NAT table
as NULL mappings, but the current allocation scheme doesn't allow this.

For now simply accept those packets to avoid the hanging connections.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>

parent 8c82d8df

net/ipv4/netfilter/nf_nat_standalone.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -123,7 +123,7 @@ nf_nat_fn(unsigned int hooknum,

		nat = nfct_nat(ct);
		if (!nat)
		return NF_DROP;
		return NF_ACCEPT;

		switch (ctinfo) {
		case IP_CT_RELATED: