git.baikalelectronics.ru Git - kernel.git/commit

author	Patrick McHardy <kaber@trash.net>
	Thu, 29 Aug 2013 08:32:09 +0000 (10:32 +0200)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Wed, 4 Sep 2013 09:43:36 +0000 (11:43 +0200)
commit	784bb0a3f9d3f01785d6200d85c16c610658c481
tree	12129c3313c294f70d356defc2d29af664f6a1a4	tree \| snapshot
parent	30981170eaa1447a989a611c9792ca1e149499e0	commit \| diff

netfilter: synproxy_core: fix warning in __nf_ct_ext_add_length()

With CONFIG_NETFILTER_DEBUG we get the following warning during SYNPROXY init:

[ 80.558906] WARNING: CPU: 1 PID: 4833 at net/netfilter/nf_conntrack_extend.c:80 __nf_ct_ext_add_length+0x217/0x220 [nf_conntrack]()

The reason is that the conntrack template is set to confirmed before adding
the extension and it is invalid to add extensions to already confirmed
conntracks. Fix by adding the extensions before setting the conntrack to
confirmed.

Reported-by: Jesper Dangaard Brouer <jesper.brouer@gmail.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Acked-by: Jesper Dangaard Brouer <brouer@redhat.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>