Hi Dave!
This is the 5th of my 2.6 merge of recent bugfixes (all tested against
2.6.0-test7). You might need to apply them incrementally (didn't test
it in a different order).
Author: Adrian Bunk <[email protected]>, Harald Welte <[email protected]>
Add the missing Configure.help entry for ipt_recent
Please apply,
diff -Nru --exclude .depend --exclude '*.o' --exclude '*.ko' --exclude '*.ver' --exclude '.*.flags' --exclude '*.orig' --exclude '*.rej' --exclude '*.cmd' --exclude '*.mod.c' --exclude '*~' linux-2.6.0-test1-nftest4/net/ipv4/netfilter/ip_conntrack_core.c linux-2.6.0-test1-nftest5/net/ipv4/netfilter/ip_conntrack_core.c
--- linux-2.6.0-test1-nftest4/net/ipv4/netfilter/ip_conntrack_core.c 2003-07-14 05:28:52.000000000 +0200
+++ linux-2.6.0-test1-nftest5/net/ipv4/netfilter/ip_conntrack_core.c 2003-07-19 16:36:58.000000000 +0200
@@ -251,7 +251,7 @@
}
/* delete all unconfirmed expectations for this conntrack */
-static void remove_expectations(struct ip_conntrack *ct)
+static void remove_expectations(struct ip_conntrack *ct, int drop_refcount)
{
struct list_head *exp_entry, *next;
struct ip_conntrack_expect *exp;
@@ -266,8 +266,11 @@
* the un-established ones only */
if (exp->sibling) {
DEBUGP("remove_expectations: skipping established %p of %p\n", exp->sibling, ct);
- /* Indicate that this expectations parent is dead */
- exp->expectant = NULL;
+ if (drop_refcount) {
+ /* Indicate that this expectations parent is dead */
+ ip_conntrack_put(exp->expectant);
+ exp->expectant = NULL;
+ }
continue;
}
@@ -292,7 +295,7 @@
&ct->tuplehash[IP_CT_DIR_REPLY]);
/* Destroy all un-established, pending expectations */
- remove_expectations(ct);
+ remove_expectations(ct, 1);
}
static void
@@ -1117,7 +1120,7 @@
{
if (i->ctrack->helper == me) {
/* Get rid of any expected. */
- remove_expectations(i->ctrack);
+ remove_expectations(i->ctrack, 0);
/* And *then* set helper to NULL */
i->ctrack->helper = NULL;
}
--
- Harald Welte <[email protected]> http://www.netfilter.org/
============================================================================
"Fragmentation is like classful addressing -- an interesting early
architectural error that shows how much experimentation was going
on while IP was being designed." -- Paul Vixie