summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorYasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp>2006-02-15 15:23:28 -0800
committerDavid S. Miller <davem@davemloft.net>2006-02-15 15:23:28 -0800
commit08857fa745ab6ce46601960d2774490e1cef2cff (patch)
tree8a7c4e341441bc5acc76f9fcf8b75de0086ff060
parent7d3cdc6b554137a7a0534ce38b155a63a3117f27 (diff)
[NETFILTER]: nf_conntrack: attach conntrack to TCP RST generated by ip6t_REJECT
TCP RSTs generated by the REJECT target should be associated with the conntrack of the original TCP packet. Since the conntrack entry is usually not is the hash tables, it must be manually attached. Signed-off-by: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--net/ipv6/netfilter/ip6t_REJECT.c2
1 files changed, 2 insertions, 0 deletions
diff --git a/net/ipv6/netfilter/ip6t_REJECT.c b/net/ipv6/netfilter/ip6t_REJECT.c
index c745717b4ce..0e6d1d4bbd5 100644
--- a/net/ipv6/netfilter/ip6t_REJECT.c
+++ b/net/ipv6/netfilter/ip6t_REJECT.c
@@ -160,6 +160,8 @@ static void send_reset(struct sk_buff *oldskb)
csum_partial((char *)tcph,
sizeof(struct tcphdr), 0));
+ nf_ct_attach(nskb, oldskb);
+
NF_HOOK(PF_INET6, NF_IP6_LOCAL_OUT, nskb, NULL, nskb->dst->dev,
dst_output);
}