[PATCH 6/5] [CTNETLINK] Fix expectation mask dumping
Yasuyuki KOZAKAI
yasuyuki.kozakai at toshiba.co.jp
Thu Mar 2 18:13:15 CET 2006
Hi, Pablo,
Sorry, I forgot to check the part of ip_conntrack_netlink.c in previous
patch.
From: Pablo Neira Ayuso <pablo at netfilter.org>
Date: Wed, 01 Mar 2006 16:23:17 +0100
> Index: net-2.6.16.git/net/ipv4/netfilter/ip_conntrack_netlink.c
> ===================================================================
(snip)
> static inline int
> +ctnetlink_exp_dump_mask(struct sk_buff *skb,
> + const struct ip_conntrack_tuple *tuple,
> + const struct ip_conntrack_tuple *mask)
> +{
> + int ret;
> + struct ip_conntrack_protocol *proto;
> + struct nfattr *nest_parms = NFA_NEST(skb, CTA_EXPECT_MASK);
> +
> + ret = ctnetlink_dump_tuples_ip(skb, mask);
> + if (unlikely(ret < 0))
> + goto nfattr_failure;
> +
> + proto = ip_conntrack_proto_find_get(tuple->dst.protonum);
> + ret = ctnetlink_dump_tuples_proto(skb, mask, proto);
> + if (unlikely(ret < 0))
> + goto nfattr_failure;
> +
> + NFA_NEST_END(skb, nest_parms);
> +
> + return 0;
> +
> +nfattr_failure:
> + return -1;
> +}
ip_conntrack_proto_put() is missing here. Hope I don't miss catching
any more...
-- Yasuyuki Kozakai
More information about the netfilter-devel
mailing list