diff options
author | Rusty Russell <rusty@rustcorp.com.au> | 2005-07-21 13:14:46 -0700 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2005-07-21 13:14:46 -0700 |
commit | 4acdbdbe5089c06d5e0c7e96783fcc4414ded00a (patch) | |
tree | 77629aef70bd92983518b6f5dd13c70a222c4cbb /include/linux/netfilter_ipv4/ip_conntrack.h | |
parent | 4aa49d130df9209707a97786a55a3f584b7345e9 (diff) |
[NETFILTER]: ip_conntrack_expect_related must not free expectation
If a connection tracking helper tells us to expect a connection, and
we're already expecting that connection, we simply free the one they
gave us and return success.
The problem is that NAT helpers (eg. FTP) have to allocate the
expectation first (to see what port is available) then rewrite the
packet. If that rewrite fails, they try to remove the expectation,
but it was freed in ip_conntrack_expect_related.
This is one example of a larger problem: having registered the
expectation, the pointer is no longer ours to use. Reference counting
is needed for ctnetlink anyway, so introduce it now.
To have a single "put" path, we need to grab the reference to the
connection on creation, rather than open-coding it in the caller.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/linux/netfilter_ipv4/ip_conntrack.h')
-rw-r--r-- | include/linux/netfilter_ipv4/ip_conntrack.h | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/include/linux/netfilter_ipv4/ip_conntrack.h b/include/linux/netfilter_ipv4/ip_conntrack.h index 3781192ce15..f8da7ddeff3 100644 --- a/include/linux/netfilter_ipv4/ip_conntrack.h +++ b/include/linux/netfilter_ipv4/ip_conntrack.h @@ -197,6 +197,9 @@ struct ip_conntrack_expect /* Timer function; deletes the expectation. */ struct timer_list timeout; + /* Usage count. */ + atomic_t use; + #ifdef CONFIG_IP_NF_NAT_NEEDED /* This is the original per-proto part, used to map the * expected connection the way the recipient expects. */ |