git.baikalelectronics.ru Git - kernel.git/commit

author	Liping Zhang <zlpnobody@gmail.com>
	Sat, 29 Apr 2017 13:59:49 +0000 (21:59 +0800)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Mon, 1 May 2017 09:48:49 +0000 (11:48 +0200)
commit	6c8b7838f0d4cb46d83b77055c55191193ad5458
tree	75d509dec2c42b8ae71f8e511309802d6fc1053f	tree \| snapshot
parent	4702177e64fcb5e24c5f0e973bb2c6d4409ece9d	commit \| diff

netfilter: nf_ct_ext: invoke destroy even when ext is not attached

For NF_NAT_MANIP_SRC, we will insert the ct to the nat_bysource_table,
then remove it from the nat_bysource_table via nat_extend->destroy.

But now, the nat extension is attached on demand, so if the nat extension
is not attached, we will not be notified when the ct is destroyed, i.e.
we may fail to remove ct from the nat_bysource_table.

So just keep it simple, even if the extension is not attached, we will
still invoke the related ext->destroy. And this will also preserve the
flexibility for the future extension.

Fixes: 545c8bcebc9e ("netfilter: don't attach a nat extension by default")
Signed-off-by: Liping Zhang <zlpnobody@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

include/net/netfilter/nf_conntrack_extend.h		diff \| blob \| history
net/netfilter/nf_conntrack_extend.c		diff \| blob \| history