From: Greg KH <gregkh@suse.de>
To: kaber@trash.net, dsd@gentoo.org, kernel@linuxace.com,
netfilter-devel@lists.netfilter.org, davem@davemloft.net
Cc: linux-kernel@vger.kernel.org, stable@kernel.org,
Justin Forbes <jmforbes@linuxtx.org>,
Zwane Mwaikambo <zwane@arm.linux.org.uk>,
"Theodore Ts'o" <tytso@mit.edu>,
"Randy.Dunlap" <rdunlap@xenotime.net>,
Chuck Wolber <chuckw@quantumlinux.com>,
torvalds@osdl.org, akpm@osdl.org, alan@lxorguk.ukuu.org.uk
Subject: [02/11] [NETFILTER]: revert nf_reset change
Date: Wed, 13 Jul 2005 11:42:04 -0700 [thread overview]
Message-ID: <20050713184204.GC9330@kroah.com> (raw)
In-Reply-To: <20050713184130.GA9330@kroah.com>
-stable review patch. If anyone has any objections, please let us know.
------------------
[NETFILTER]: Revert nf_reset change
Revert the nf_reset change that caused so much trouble, drop conntrack
references manually before packets are queued to packet sockets.
Adapted for 2.6.12 by Daniel Drake <dsd@gentoo.org>
Signed-off-by: Phil Oester <kernel@linuxace.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Chris Wright <chrisw@osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
---
net/ipv4/ip_output.c | 3 ---
net/ipv4/netfilter/ip_conntrack_standalone.c | 7 +++++++
net/packet/af_packet.c | 6 ++++++
3 files changed, 13 insertions(+), 3 deletions(-)
--- linux-2.6.12.2.orig/net/ipv4/ip_output.c 2005-06-17 12:48:29.000000000 -0700
+++ linux-2.6.12.2/net/ipv4/ip_output.c 2005-07-13 10:56:44.000000000 -0700
@@ -111,7 +111,6 @@
#ifdef CONFIG_NETFILTER_DEBUG
nf_debug_ip_loopback_xmit(newskb);
#endif
- nf_reset(newskb);
netif_rx(newskb);
return 0;
}
@@ -196,8 +195,6 @@
nf_debug_ip_finish_output2(skb);
#endif /*CONFIG_NETFILTER_DEBUG*/
- nf_reset(skb);
-
if (hh) {
int hh_alen;
--- linux-2.6.12.2.orig/net/ipv4/netfilter/ip_conntrack_standalone.c 2005-06-17 12:48:29.000000000 -0700
+++ linux-2.6.12.2/net/ipv4/netfilter/ip_conntrack_standalone.c 2005-07-13 10:56:44.000000000 -0700
@@ -432,6 +432,13 @@
const struct net_device *out,
int (*okfn)(struct sk_buff *))
{
+#if !defined(CONFIG_IP_NF_NAT) && !defined(CONFIG_IP_NF_NAT_MODULE)
+ /* Previously seen (loopback)? Ignore. Do this before
+ fragment check. */
+ if ((*pskb)->nfct)
+ return NF_ACCEPT;
+#endif
+
/* Gather fragments. */
if ((*pskb)->nh.iph->frag_off & htons(IP_MF|IP_OFFSET)) {
*pskb = ip_ct_gather_frags(*pskb,
--- linux-2.6.12.2.orig/net/packet/af_packet.c 2005-06-17 12:48:29.000000000 -0700
+++ linux-2.6.12.2/net/packet/af_packet.c 2005-07-13 10:56:44.000000000 -0700
@@ -274,6 +274,9 @@
dst_release(skb->dst);
skb->dst = NULL;
+ /* drop conntrack reference */
+ nf_reset(skb);
+
spkt = (struct sockaddr_pkt*)skb->cb;
skb_push(skb, skb->data-skb->mac.raw);
@@ -517,6 +520,9 @@
dst_release(skb->dst);
skb->dst = NULL;
+ /* drop conntrack reference */
+ nf_reset(skb);
+
spin_lock(&sk->sk_receive_queue.lock);
po->stats.tp_packets++;
__skb_queue_tail(&sk->sk_receive_queue, skb);
next prev parent reply other threads:[~2005-07-13 18:42 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-07-13 18:41 [00/11] -stable review Greg KH
2005-07-13 18:42 ` Greg KH [this message]
2005-07-13 18:42 ` [03/11] ppc32: stop misusing ntps time_offset value Greg KH
[not found] ` <20050713184130.GA9330-U8xfFu+wG4EAvxtiuMwx3w@public.gmane.org>
2005-07-13 18:43 ` [01/11] If ACPI doesn't find an irq listed, don't accept 0 as a valid PCI irq Greg KH
2005-07-13 18:43 ` Greg KH
2005-07-13 18:43 ` [04/11] [SHAPER] fix Shaper driver lossage in 2.6.12 Greg KH
2005-07-13 18:43 ` [05/11] SMP fix for 6pack driver Greg KH
2005-07-13 22:01 ` Francois Romieu
2005-07-13 22:13 ` [stable] " Greg KH
2005-07-15 19:35 ` Adrian Bunk
2005-07-17 21:09 ` Ralf Baechle
2005-07-24 16:08 ` Adrian Bunk
2005-07-13 18:43 ` [06/11] tpm breaks 8139cp Greg KH
2005-07-13 19:09 ` John W. Linville
2005-07-13 18:43 ` [07/11] v4l cx88 hue offset fix Greg KH
2005-07-13 18:43 ` [08/11] coverity: tty_ldisc_ref return null check Greg KH
2005-07-13 18:44 ` [uml-devel] [09/11] uml: fix TT mode by reverting "use fork instead of clone" Greg KH
2005-07-13 18:44 ` Greg KH
2005-07-13 18:44 ` [10/11] fix semaphore handling in __unregister_chrdev_region Greg KH
2005-07-13 18:44 ` [11/11] x86_64: TASK_SIZE fixes for compatibility mode processes Greg KH
2005-07-13 18:49 ` Andi Kleen
2005-07-13 20:47 ` [stable] " Greg KH
2005-07-14 16:45 ` Siddha, Suresh B
2005-07-15 15:53 ` Justin M. Forbes
2005-07-16 2:17 ` Siddha, Suresh B
2005-07-16 4:25 ` Andi Kleen
2005-07-16 5:42 ` [stable] " Chris Wright
2005-07-13 22:05 ` Horst von Brand
2005-07-13 22:36 ` [stable] " Greg KH
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20050713184204.GC9330@kroah.com \
--to=gregkh@suse.de \
--cc=akpm@osdl.org \
--cc=alan@lxorguk.ukuu.org.uk \
--cc=chuckw@quantumlinux.com \
--cc=davem@davemloft.net \
--cc=dsd@gentoo.org \
--cc=jmforbes@linuxtx.org \
--cc=kaber@trash.net \
--cc=kernel@linuxace.com \
--cc=linux-kernel@vger.kernel.org \
--cc=netfilter-devel@lists.netfilter.org \
--cc=rdunlap@xenotime.net \
--cc=stable@kernel.org \
--cc=torvalds@osdl.org \
--cc=tytso@mit.edu \
--cc=zwane@arm.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.