[NETFILTER]: nf_nat: fix hanging connections when loading the NAT module · ffed53d25b - Gogs: Go Git Service GfA electronic

Преглед изворни кода

[NETFILTER]: nf_nat: fix hanging connections when loading the NAT module

When loading the NAT module, existing connection tracking entries don't
have room for NAT information allocated and packets are dropped, causing
hanging connections. They really should be entered into the NAT table
as NULL mappings, but the current allocation scheme doesn't allow this.

For now simply accept those packets to avoid the hanging connections.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>

Patrick McHardy пре 18 година

родитељ

8c82d8df70

комит

ffed53d25b

1 измењених фајлова са 1 додато и 1 уклоњено

Подељен поглед Покажи статистику Diff

						
							+ 1
							
							- 1
						
net/ipv4/netfilter/nf_nat_standalone.c
							 
								Прегледај датотеку
							
				@@ -123,7 +123,7 @@ nf_nat_fn(unsigned int hooknum,
			
				 	nat = nfct_nat(ct);
			
				 	if (!nat)
			
				-		return NF_DROP;
			
				+		return NF_ACCEPT;
			
				 	switch (ctinfo) {
			
				 	case IP_CT_RELATED: