netdev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [PATCH] fix netfilter refcounting [was Re: Conntrack leak (2.6.2rc2)

from [David S. Miller] [Permanent Link][Original]
To: Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx>
Subject: Re: [PATCH] fix netfilter refcounting [was Re: Conntrack leak (2.6.2rc2)]
From: "David S. Miller" <davem@xxxxxxxxxx>
Date: Tue, 3 Feb 2004 10:27:12 -0800
Cc: steve@xxxxxxxxxxxx, netdev@xxxxxxxxxxx, netfilter-devel@xxxxxxxxxxxxxxxxxxx
In-reply-to: <Pine.LNX.4.33.0402031825170.11950-100000@blackhole.kfki.hu>
References: <Pine.LNX.4.33.0402031629150.11737-100000@blackhole.kfki.hu> <Pine.LNX.4.33.0402031825170.11950-100000@blackhole.kfki.hu>
Sender: netdev-bounce@xxxxxxxxxxx 
On Tue, 3 Feb 2004 18:43:38 +0100 (CET)
Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxxxxxx> wrote:

> Steve Hill reported a conntrack leakage in 2.6.2-rc2 when nat is enabled
> and the system forwards fragmented packets. It turned out that an
> nf_conntrack_put was missing from ip_copy_metadata:

Nevermind my previous email, it was a total thinko... you're patch
is obviously correct and we had this same damn exact problem with
the bridging skbuff nf objects as well. (see changeset 1.1474.41.3)

I'll apply your patch and push to Linus now.  Thanks.
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: SCTP sockopt discrepancy between 2.4 and 2.6., David S. Miller
Next by Date:  Re: Disabling IPv6 accept_ra on just some interface (fwd), Pekka Savola
Previous by Thread:  Re: [PATCH] fix netfilter refcounting [was Re: Conntrack leak (2.6.2rc2)], David S. Miller
Next by Thread:  Re: [PATCH] fix netfilter refcounting [was Re: Conntrack leak (2.6.2rc2)], Steve Hill
Indexes:  [Date] [Thread] [Top] [All Lists]