[NETFILTER]: nf_nat: fix hanging connections when loading the NAT module · ffed53d25b - Gogs: Go Git Service GfA electronic

[NETFILTER]: nf_nat: fix hanging connections when loading the NAT module

When loading the NAT module, existing connection tracking entries don't
have room for NAT information allocated and packets are dropped, causing
hanging connections. They really should be entered into the NAT table
as NULL mappings, but the current allocation scheme doesn't allow this.

For now simply accept those packets to avoid the hanging connections.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>

Patrick McHardy 18 年之前

父節點

8c82d8df70

當前提交

ffed53d25b

共有 1 個文件被更改，包括 1 次插入 和 1 次删除

分割檢視顯示文件統計

						
							+ 1
							
							- 1
						
net/ipv4/netfilter/nf_nat_standalone.c
							 
								查看文件
							
				@@ -123,7 +123,7 @@ nf_nat_fn(unsigned int hooknum,
			
				 	nat = nfct_nat(ct);
			
				 	if (!nat)
			
				-		return NF_DROP;
			
				+		return NF_ACCEPT;
			
				 	switch (ctinfo) {
			
				 	case IP_CT_RELATED: