Use the socket cached in the TPROXY target if it's present. Signed-off-by: KOVACS Krisztian <hidden@xxxxxxxxxx> --- net/ipv4/tcp_ipv4.c | 8 ++++++++ 1 files changed, 8 insertions(+), 0 deletions(-) diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c index 12d3831..f3e3c5e 100644 --- a/net/ipv4/tcp_ipv4.c +++ b/net/ipv4/tcp_ipv4.c @@ -1661,6 +1661,14 @@ int tcp_v4_rcv(struct sk_buff *skb) TCP_SKB_CB(skb)->flags = iph->tos; TCP_SKB_CB(skb)->sacked = 0; +#if defined(CONFIG_NETFILTER_TPROXY) || defined (CONFIG_NETFILTER_TPROXY_MODULE) + if (unlikely(skb->sk)) { + /* steal reference */ + sk = skb->sk; + skb->destructor = NULL; + skb->sk = NULL; + } else +#endif sk = __inet_lookup(&tcp_hashinfo, iph->saddr, th->source, iph->daddr, th->dest, inet_iif(skb)); if (!sk) - To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html