Ramblewski David wrote: > Hi Eric, > > The conntrack patch works successfully. > >>> diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c >>> index 0ffe689..d2657aa 100644 >>> --- a/net/netfilter/nf_conntrack_netlink.c >>> +++ b/net/netfilter/nf_conntrack_netlink.c >>> @@ -923,7 +923,7 @@ ctnetlink_change_status(struct nf_conn *ct, const struct nlattr * const cda[]) >>> unsigned int status = ntohl(nla_get_be32(cda[CTA_STATUS])); >>> d = ct->status ^ status; >>> >>> - if (d & (IPS_EXPECTED|IPS_CONFIRMED|IPS_DYING)) >>> + if (d & (IPS_EXPECTED|IPS_DYING)) >>> /* unchangeable */ >>> return -EBUSY; >> I think that we should explicitly report if the user unsets >> IPS_CONFIRMED. Please, don't change this. >> >> Apart from that, the patch seems fine to me. Thanks! > > Problem is we now (I mean after my patch) enter > ctnetlink_change_status() with ct->status being null (or at least, > IPS_CONFIRMED not set) Pablo, please let me know whether you want me to apply this. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
