Pablo Neira Ayuso wrote: > Patrick McHardy wrote: > >> The conntrack lock is not held, it might crash or create double entries. >> > > Hm, but that code is inside ctnetlink_create_conntrack() which is called > with the conntrack lock held. > > if (nlh->nlmsg_flags & NLM_F_CREATE) > err = ctnetlink_create_conntrack(cda, > &otuple, > &rtuple, > - master_ct, > NETLINK_CB(skb).pid, > - nlmsg_report(nlh)); > + nlmsg_report(nlh), > + u3); > spin_unlock_bh(&nf_conntrack_lock); > Right, I missed that, sorry. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
