Jozsef Kadlecsik wrote:
On Wed, 9 Jul 2008, Patrick McHardy wrote:
Good catch, thanks. Basically all del_timer()/timeout.function calls
in conntrack can happen in process context, so we'd have to disable
BHs every time we do this. I think this fix should also work. The
only spot where we return NF_REPEAT is in TCP conntrack, so we can
simply make sure we only do this if we actually managed to kill the
connection.
Jozsef, what do you think?
I agree with you completely - and nice catch, indeed! Your proposed patch
looks just fine.
Thanks, I'll send a backport for 2.6.26 to Dave tonight.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
