Jan Engelhardt wrote: > On Tuesday 2010-04-13 18:09, Jan Engelhardt wrote: >>>> +#ifdef WITH_CONNTRACK >>>> + nf_conntrack_put(skb->nfct); >>>> + skb->nfct = &tee_track.ct_general; >>>> + skb->nfctinfo = IP_CT_NEW; >>>> + nf_conntrack_get(skb->nfct); >>>> +#endif >>> Why do we still need this? I thought the reentrancy-counter should take >>> care of this? >> Did I really delete that commit... it's done so that conntrack >> does not count the duplicated packets towards the original >> connection. > > While at that, would retaining the old skb's nfctinfo make any sense? I don't think so. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
