Gao Feng <fgao@xxxxxxxxxx> wrote: > > [ 23.465616] ------------[ cut here ]------------ > > [ 23.466477] WARNING: CPU: 0 PID: 1225 at net/netfilter/nf_conntrack_seqadj.c:232 > > nf_ct_seq_offset+0x7a/0x9a > > [ 23.468458] Missing nfct_seqadj_ext_add() setup call > > > > It should be that nf_ct_add_synproxy failed and the seqadj extentision is > not added. Note that nfct_synproxy_ext_add always returns NULL if CONFIG_NETFILTER_SYNPROXY=n The warning should also be removed. > When nf_ct_add_synproxy fails, the init_conntrack fails too and return > ERR_PTR(-ENOMEM). In this case, the packet should be dropped directly, and > should not be processed by the latter codes. This means the commit breaks conntrack if SYNPROXY=n -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
