diff options
author | David S. Miller <davem@davemloft.net> | 2011-02-09 12:40:21 -0800 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2011-02-09 12:40:21 -0800 |
commit | ae0935776c3c7f4c99d0b3909755fe0896277d0e (patch) | |
tree | b04bfd38cb2dfab522834d42ca476241d68a567e | |
parent | 75d1a7522f8b3f4de3eea040fdcdb640deeda64d (diff) | |
parent | c317428644c0af137d80069ab178cd797da3be45 (diff) |
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/kaber/nf-2.6
-rw-r--r-- | net/netfilter/nf_conntrack_core.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c index e61511929c6..84f4fcc5884 100644 --- a/net/netfilter/nf_conntrack_core.c +++ b/net/netfilter/nf_conntrack_core.c @@ -942,8 +942,15 @@ nf_conntrack_in(struct net *net, u_int8_t pf, unsigned int hooknum, if (set_reply && !test_and_set_bit(IPS_SEEN_REPLY_BIT, &ct->status)) nf_conntrack_event_cache(IPCT_REPLY, ct); out: - if (tmpl) - nf_ct_put(tmpl); + if (tmpl) { + /* Special case: we have to repeat this hook, assign the + * template again to this packet. We assume that this packet + * has no conntrack assigned. This is used by nf_ct_tcp. */ + if (ret == NF_REPEAT) + skb->nfct = (struct nf_conntrack *)tmpl; + else + nf_ct_put(tmpl); + } return ret; } |