Hi Yasuyuki,

Currently we get an oops with nf_conntrack_netlink + nf_conntrack_ftp
because l3num is set to 0xFFFF for the expectation mask. At first sight,
this is correct because l3num is u_int16_t, but the size of the layer-3
array of protocol handlers is AF_MAX (32).

I could add some checking to verify that l3num is less than 32 in
nf_conntrack_find_l3proto, but such checking is only required for
nf_conntrack_ftp and further application helpers. AFAICS, this is the
cleanest way to fix this problem. Any other suggestion?

Cheers,
Pablo

-- 
The dawn of the fourth age of Linux firewalling is coming; a time of
great struggle and heroic deeds -- J.Kadlecsik got inspired by J.Morris