Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit bbb3357d authored Nov 29, 2006 by Pablo Neira Ayuso Committed by David S. Miller Dec 02, 2006

[NETFILTER]: ctnetlink: check for status attribute existence on conntrack creation



Check that status flags are available in the netlink message received
to create a new conntrack.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>

parent 1b683b55

net/ipv4/netfilter/ip_conntrack_netlink.c

+5 −3

Original line number	Diff line number	Diff line
		@@ -945,9 +945,11 @@ ctnetlink_create_conntrack(struct nfattr *cda[],
		ct->timeout.expires = jiffies + ct->timeout.expires * HZ;
		ct->status \|= IPS_CONFIRMED;

		if (cda[CTA_STATUS-1]) {
		err = ctnetlink_change_status(ct, cda);
		if (err < 0)
		goto err;
		}

		if (cda[CTA_PROTOINFO-1]) {
		err = ctnetlink_change_protoinfo(ct, cda);

net/netfilter/nf_conntrack_netlink.c

+5 −3

Original line number	Diff line number	Diff line
		@@ -963,9 +963,11 @@ ctnetlink_create_conntrack(struct nfattr *cda[],
		ct->timeout.expires = jiffies + ct->timeout.expires * HZ;
		ct->status \|= IPS_CONFIRMED;

		if (cda[CTA_STATUS-1]) {
		err = ctnetlink_change_status(ct, cda);
		if (err < 0)
		goto err;
		}

		if (cda[CTA_PROTOINFO-1]) {
		err = ctnetlink_change_protoinfo(ct, cda);