Jan Engelhardt wrote:
> On Wednesday 2010-03-31 10:41, Patrick McHardy wrote:
>>>>> +static struct xt_match state_mt_reg __read_mostly = {
>>>>> + .name = "state",
>>>>> + .family = NFPROTO_UNSPEC,
>>>>> + .checkentry = state_mt_check,
>>>>> + .match = state_mt,
>>>>> + .destroy = state_mt_destroy,
>>>>> + .matchsize = sizeof(struct xt_state_info),
>>>>> + .me = THIS_MODULE,
>>>>> };
>>>> The patch looks fine, however I'd prefer if in the future you'd add
>>>> a changelog entry for these conversions stating why this will work
>>>> properly in all cases even with arptables and ebtables using the
>>>> xtables infrastructure.
>>> This will work because x_tables scans for NFPROTO_UNSPEC,
>>> and arp/ebtables just using x_tables :-)
>> I'm not sure I'm parsing this correctly. Both will find the match,
>> however the nf_ct_l3proto_try_module_get() call will fail
>
> It won't fail - it is using par->family, not par->match->family.
That's broken then.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
