Nir Tzachar wrote:
Hello. The following warning is reproducible with the code below on 2.6.25.6, which uses sendmsg on a udp socket using two iovecs: .... And I always get the following warning twice: [ 6658.338116] ------------[ cut here ]------------ [ 6658.338121] WARNING: at net/ipv4/netfilter/nf_nat_standalone.c:89 nf_nat_fn+0x33/0x155()
Thanks for the report. Does this patch fix it?
diff --git a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c index 5a955c4..5bd4833 100644 --- a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c +++ b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c @@ -92,7 +92,7 @@ static int ipv4_get_l4proto(const struct sk_buff *skb, unsigned int nhoff, /* Conntrack defragments packets, we might still see fragments * inside ICMP packets though. */ - if (iph->frag_off & htons(IP_OFFSET)) + if (iph->frag_off & htons(IP_MF | IP_OFFSET)) return -NF_DROP; *dataoff = nhoff + (iph->ihl << 2);
