On Tuesday 2011-04-26 11:06, Jan Engelhardt wrote:
>On Thursday 2011-04-21 14:51, Florian Westphal wrote:
>
>>The commit a2361c8735e07322023aedc36e4938b35af31eb0
>>("netfilter: xt_conntrack: warn about use in raw table")
>>disallows use of -m conntrack in the raw table:
>>"nfct happens to run after the raw table only".
>>
>>Thats correct, but when the packet was sent from the local machine the
>>skb already has ->nfct attached, and -m conntrack seems to do
>>the right thing.
>
>Hm, I did not consider that. In this case, the patch should be backed
>out.
Patrick/Dave - please issue a revert on
a2361c8735e07322023aedc36e4938b35af31eb0 .
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
