Re: nf_conntrack_count versus '/proc/net/nf_conntrack | wc -l' count

Eric Dumazet wrote:
> On Thursday 18 February 2010 at 16:53 -0800, Afi Gjermund wrote:
> 
> Thanks Afi for providing us more info :)
> 
> Patrick, if a user application asks for NF_STOLEN, we leak the skb.
> As the entry is freed, there is no way this skb can be found again.
> 
> What do you think of the following patch?
> Or should we ignore the NF_STOLEN status from the user, to let the packet
> stay queued?

I think dropping the packet is the expected behaviour.

> [PATCH] nf_queue: fix NF_STOLEN skb leak
> 
> commit 3bc38712e3a6e059 (handle NF_STOP and unknown verdicts in
> nf_reinject) was a partial fix to packet leaks.
> 
> If user asks NF_STOLEN status, we must free the skb as well.
> 
>

Applied, thanks Eric.