On Thu, 16 Aug 2012, Pablo Neira Ayuso wrote:
On Thu, Aug 16, 2012 at 01:15:24AM +0200, Patrick McHardy wrote:
[...]
Once question remains though - if the scenario you describe happens and
we're just refreshing an existing expectation, should that one actually
get unexpected by the nf_ct_unexpect_related() call?
The intention is to remove the expectation with that tuple, the refreshing
is just an optimization, so I think that would make sense.
Yes, that's another possibility that look better to me as the expect
object would be always inserted.
So we'd just remove the refreshing, kill the old expectation and insert
the new one instead?
Agreed. Patch attached.
Looks fine. We probably still have another bug though, will have another
look tommorrow.
Acked-by: Patrick McHardy <kaber@xxxxxxxxx>
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
