Hi Pablo, > -----Original Message----- > From: Pablo Neira Ayuso [mailto:pablo@xxxxxxxxxxxxx] > Sent: Friday, April 7, 2017 3:55 AM > To: gfree.wind@xxxxxxxxxxx > Cc: netfilter-devel@xxxxxxxxxxxxxxx; Gao Feng <fgao@xxxxxxxxxx> > Subject: Re: [PATCH nf-next 1/1] netfilter: ctlink: Return error directly when > create expect without help > > On Tue, Mar 28, 2017 at 09:52:52AM +0800, gfree.wind@xxxxxxxxxxx wrote: > > From: Gao Feng <fgao@xxxxxxxxxx> > > > > The expect check func "__nf_ct_expect_check" asks the master_help is > > necessary. So it is unnecessary to go ahead in ctnetlink_alloc_expect > > when there is no help. > > > > Actually the commit bc01befdcf3e ("netfilter: ctnetlink: add support > > for user-space expectation helpers") permits ctlink create one expect > > even though there is no master help. But the latter commit > > 3d058d7bc2c5 > > ("netfilter: rework user-space expectation helper support") disables > > it again. > > Probably reject this upfront if no nfct_help(ct) is there. > > See patch attached. Yes, it is better. Would you apply this patch which you attached directly, or need I send another v2 update? Best Regards Feng -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
