At module unload time, we use ip_conntrack_count to determine how many conntracks need to be destroyed before we can unload. get_next_corpse looks in the hash tables and unconfirmed list for the conntracks until ip_conntrack_count == 0.

Unfortunately, conntracks occasionally get pinned by an skb which for some reason or another won't go away. So ct_general->use never reduces to 1 for these conntracks, and they do not appear in either the hashes or the unconfirmed list. As such, we loop around forever at i_see_dead_people trying to kill a conntrack which we will never find.

The below patch attempts to fix this by doing two things:

1) when a conntrack is removed from the hashes in clean_from_lists, add it to a new 'cleaned' list, similar to how the unconfirmed list works. This ensures that we never lose sight of a conntrack -- it moves from unconfirmed->hashed->cleaned in its lifetime. get_next_corpse now checks the cleaned list for conntracks also.

2) change get_next_corpse to set the usage count of conntracks to 1 once they are found. Otherwise, these pinned conntracks will never be able to be removed, since use will be > 1.

Without the below, I can trivially hang a box on module unload by using NetworkManager on FC3 -- seems to be related to the DHCP process. With this patch, unload works every time.

This fixes Netfilter bugzilla #91 and Redhat bugzilla #112630.

Phil

Signed-off-by: Phil Oester
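
A userspace toy model of the unload loop and the two changes described in the message above, added here as an illustration; it is not the patch and not kernel code. The `ct` struct, the list enum and the `unload` driver are constructed for the example, and the function names only mirror those mentioned in the message.

```c
#include <stddef.h>

/* Userspace toy model, constructed for illustration; not kernel code. */
enum ct_list { UNCONFIRMED, HASHED, CLEANED, NO_LIST, FREED };
struct ct { int use; enum ct_list list; };

/* Removal from the hashes: the fix parks the entry on a 'cleaned' list,
 * without it the entry is reachable from no list at all. */
static void clean_from_lists(struct ct *c, int with_fix)
{
    c->list = with_fix ? CLEANED : NO_LIST;
}

/* Find any conntrack still reachable from a list; the fix also resets
 * the usage count to 1 so the caller's single put can free it. */
static struct ct *get_next_corpse(struct ct *tab, size_t n, int with_fix)
{
    for (size_t i = 0; i < n; i++) {
        if (tab[i].list == NO_LIST || tab[i].list == FREED)
            continue;
        if (with_fix)
            tab[i].use = 1;
        return &tab[i];
    }
    return NULL;
}

/* Unload loop: returns the passes needed, or -1 if the count never
 * reaches 0 within max_passes (the endless loop in the message). */
static int unload(int with_fix, int max_passes)
{
    struct ct tab[3] = { {1, HASHED}, {1, UNCONFIRMED}, {2, HASHED} };
    int count = 3;                        /* models ip_conntrack_count */
    clean_from_lists(&tab[2], with_fix);  /* pinned by an skb: use == 2 */
    for (int pass = 1; pass <= max_passes; pass++) {
        struct ct *c = get_next_corpse(tab, 3, with_fix);
        if (c && --c->use == 0) {         /* last reference dropped */
            c->list = FREED;
            count--;
        }
        if (count == 0)
            return pass;
    }
    return -1;
}

int main(void) { return !(unload(1, 100) == 3 && unload(0, 100) == -1); }
```

The model does not represent the skb that still holds its reference to the pinned conntrack; it only shows why the counter can never reach zero when an entry is on no list.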