[netfilter-cvslog] r3702 - trunk/patch-o-matic-ng/nf_conntrack/linux-2.6/net/netfilter

[laforge at netfilter.org]

Author: laforge at netfilter.org
Date: 2005-02-15 02:54:10 +0100 (Tue, 15 Feb 2005)
New Revision: 3702

Modified:
   trunk/patch-o-matic-ng/nf_conntrack/linux-2.6/net/netfilter/nf_conntrack_core.c
Log:
ip_conntrack_alter_reply doesn't need to loop


Modified: trunk/patch-o-matic-ng/nf_conntrack/linux-2.6/net/netfilter/nf_conntrack_core.c
===================================================================
--- trunk/patch-o-matic-ng/nf_conntrack/linux-2.6/net/netfilter/nf_conntrack_core.c	2005-02-15 01:52:19 UTC (rev 3701)
+++ trunk/patch-o-matic-ng/nf_conntrack/linux-2.6/net/netfilter/nf_conntrack_core.c	2005-02-15 01:54:10 UTC (rev 3702)
@@ -1295,16 +1295,12 @@
 	return ret;
 }
 
-/* Alter reply tuple (maybe alter helper).  If it's already taken,
-   return 0 and don't do alteration. */
-int nf_conntrack_alter_reply(struct nf_conn *conntrack,
-			     const struct nf_conntrack_tuple *newreply)
+/* Alter reply tuple (maybe alter helper).  This is for NAT, and is
+   implicitly racy: see __ip_conntrack_confirm */
+void nf_conntrack_alter_reply(struct nf_conn *conntrack,
+			      const struct nf_conntrack_tuple *newreply)
 {
 	WRITE_LOCK(&nf_conntrack_lock);
-	if (__nf_conntrack_find(newreply, conntrack)) {
-		WRITE_UNLOCK(&nf_conntrack_lock);
-		return 0;
-	}
 	/* Should be unconfirmed, so not in hash table yet */
 	NF_CT_ASSERT(!is_confirmed(conntrack));
 
@@ -1315,8 +1311,6 @@
 	if (!conntrack->master && list_empty(&conntrack->sibling_list))
 		conntrack->helper = nf_ct_find_helper(newreply);
 	WRITE_UNLOCK(&nf_conntrack_lock);
-
-	return 1;
 }
 
 int nf_conntrack_helper_register(struct nf_conntrack_helper *me)