From: Patrick McHardy <kaber@trash.net>
To: davem@davemloft.net
Cc: netfilter-devel@lists.netfilter.org, Patrick McHardy <kaber@trash.net>
Subject: [NETFILTER 04/05]: nf_nat: fix MASQUERADE crash on device down
Date: Thu, 4 Jan 2007 19:38:25 +0100 (MET) [thread overview]
Message-ID: <20070104183825.18369.29920.sendpatchset@localhost.localdomain> (raw)
In-Reply-To: <20070104183820.18369.3658.sendpatchset@localhost.localdomain>
[NETFILTER]: nf_nat: fix MASQUERADE crash on device down
Check the return value of nfct_nat() in device_cmp(), we might very well
have non NAT conntrack entries as well (Netfilter bugzilla #528).
Signed-off-by: Martin Josefsson <gandalf@wlug.westbo.se>
Signed-off-by: Patrick McHardy <kaber@trash.net>
---
commit 36263425185d6993ca8af49ad6e7d1af66846d9c
tree 99089b7efc4c5c76d7afdc07f82537b9c525a799
parent d137d1a8688da1e81415c8a6a33d283210408bf0
author Martin Josefsson <gandalf@wlug.westbo.se> Thu, 04 Jan 2007 19:25:56 +0100
committer Patrick McHardy <kaber@trash.net> Thu, 04 Jan 2007 19:25:56 +0100
net/ipv4/netfilter/ipt_MASQUERADE.c | 5 ++++-
1 files changed, 4 insertions(+), 1 deletions(-)
diff --git a/net/ipv4/netfilter/ipt_MASQUERADE.c b/net/ipv4/netfilter/ipt_MASQUERADE.c
index 28b9233..d669685 100644
--- a/net/ipv4/netfilter/ipt_MASQUERADE.c
+++ b/net/ipv4/netfilter/ipt_MASQUERADE.c
@@ -127,10 +127,13 @@ #endif
static inline int
device_cmp(struct ip_conntrack *i, void *ifindex)
{
+ int ret;
#ifdef CONFIG_NF_NAT_NEEDED
struct nf_conn_nat *nat = nfct_nat(i);
+
+ if (!nat)
+ return 0;
#endif
- int ret;
read_lock_bh(&masq_lock);
#ifdef CONFIG_NF_NAT_NEEDED
next prev parent reply other threads:[~2007-01-04 18:38 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-01-04 18:38 [NETFILTER 00/05]: Netfilter fixes Patrick McHardy
2007-01-04 18:38 ` [NETFILTER 01/05]: compat offsets size change Patrick McHardy
2007-01-04 20:14 ` David Miller
2007-01-04 18:38 ` [NETFILTER 02/05]: Fix routing of REJECT target generated packets in output chain Patrick McHardy
2007-01-04 20:15 ` David Miller
2007-01-04 18:38 ` [NETFILTER 03/05]: New connection tracking is not EXPERIMENTAL anymore Patrick McHardy
2007-01-04 20:16 ` David Miller
2007-01-04 18:38 ` Patrick McHardy [this message]
2007-01-04 20:17 ` [NETFILTER 04/05]: nf_nat: fix MASQUERADE crash on device down David Miller
2007-01-04 18:38 ` [NETFILTER 05/05]: ebtables: don't compute gap before checking struct type Patrick McHardy
2007-01-04 20:18 ` David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20070104183825.18369.29920.sendpatchset@localhost.localdomain \
--to=kaber@trash.net \
--cc=davem@davemloft.net \
--cc=netfilter-devel@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).