* [PATCH 2.4] NETFILTER: fix broken debug assertion
@ 2004-08-01 23:18 Harald Welte
2004-08-02 2:41 ` David S. Miller
0 siblings, 1 reply; 2+ messages in thread
From: Harald Welte @ 2004-08-01 23:18 UTC (permalink / raw)
To: David Miller; +Cc: Netfilter Development Mailinglist
[-- Attachment #1: Type: text/plain, Size: 2219 bytes --]
Hi Dave!
This patch fixes the broken netfilter assertions in 2.4.x.
Please apply, thanks.
# This is a BitKeeper generated diff -Nru style patch.
#
# ChangeSet
# 2004/06/23 00:25:21+02:00 kaber@trash.net
# [NETFILTER]: Fix two more broken assertions
#
# Signed-off-by: Patrick McHardy <kaber@trash.net>
# Signed-off-by: Harald Welte <laforge@netfilter.org>
#
# net/ipv4/netfilter/ipt_MASQUERADE.c
# 2004/06/23 00:25:18+02:00 kaber@trash.net +2 -2
# [NETFILTER]: Fix two more broken assertions
#
# net/ipv4/netfilter/ip_nat_rule.c
# 2004/06/23 00:25:18+02:00 kaber@trash.net +2 -1
# [NETFILTER]: Fix two more broken assertions
#
diff -Nru a/net/ipv4/netfilter/ip_nat_rule.c b/net/ipv4/netfilter/ip_nat_rule.c
--- a/net/ipv4/netfilter/ip_nat_rule.c 2004-06-23 00:26:25 +02:00
+++ b/net/ipv4/netfilter/ip_nat_rule.c 2004-06-23 00:26:25 +02:00
@@ -121,7 +121,8 @@
ct = ip_conntrack_get(*pskb, &ctinfo);
/* Connection must be valid and new. */
- IP_NF_ASSERT(ct && (ctinfo == IP_CT_NEW || ctinfo == IP_CT_RELATED));
+ IP_NF_ASSERT(ct && (ctinfo == IP_CT_NEW || ctinfo == IP_CT_RELATED
+ || ctinfo == IP_CT_RELATED + IP_CT_IS_REPLY));
IP_NF_ASSERT(out);
return ip_nat_setup_info(ct, targinfo, hooknum);
diff -Nru a/net/ipv4/netfilter/ipt_MASQUERADE.c b/net/ipv4/netfilter/ipt_MASQUERADE.c
--- a/net/ipv4/netfilter/ipt_MASQUERADE.c 2004-06-23 00:26:25 +02:00
+++ b/net/ipv4/netfilter/ipt_MASQUERADE.c 2004-06-23 00:26:25 +02:00
@@ -79,8 +79,8 @@
return NF_ACCEPT;
ct = ip_conntrack_get(*pskb, &ctinfo);
- IP_NF_ASSERT(ct && (ctinfo == IP_CT_NEW
- || ctinfo == IP_CT_RELATED));
+ IP_NF_ASSERT(ct && (ctinfo == IP_CT_NEW || ctinfo == IP_CT_RELATED
+ || ctinfo == IP_CT_RELATED + IP_CT_IS_REPLY));
mr = targinfo;
--
- Harald Welte <laforge@netfilter.org> http://www.netfilter.org/
============================================================================
"Fragmentation is like classful addressing -- an interesting early
architectural error that shows how much experimentation was going
on while IP was being designed." -- Paul Vixie
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [PATCH 2.4] NETFILTER: fix broken debug assertion
2004-08-01 23:18 [PATCH 2.4] NETFILTER: fix broken debug assertion Harald Welte
@ 2004-08-02 2:41 ` David S. Miller
0 siblings, 0 replies; 2+ messages in thread
From: David S. Miller @ 2004-08-02 2:41 UTC (permalink / raw)
To: Harald Welte; +Cc: netfilter-devel
On Mon, 2 Aug 2004 01:18:32 +0200
Harald Welte <laforge@netfilter.org> wrote:
> This patch fixes the broken netfilter assertions in 2.4.x.
Applied.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2004-08-02 2:41 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-08-01 23:18 [PATCH 2.4] NETFILTER: fix broken debug assertion Harald Welte
2004-08-02 2:41 ` David S. Miller
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.