netfilter: conntrack: fix removal of conntrack entries when l4tracker is removed
nf_ct_l4proto_unregister_one() leaves conntracks added by
to-be-removed tracker behind, nf_ct_l4proto_unregister has to iterate
for each protocol to be removed.
v2: call nf_ct_iterate_destroy without holding nf_ct_proto_mutex.
Fixes: 173b5ed9ae9c4 ("netfilter: move table iteration out of netns exit paths") Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
projects / kernel.git / commit