Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote:
> static int ctnetlink_flush_conntrack(struct net *net,
> @@ -1174,6 +1177,13 @@ static int ctnetlink_del_conntrack(struct net *net, struct sock *ctnl,
> nf_ct_put(ct);
> return -ENOENT;
> }
> + } else if (cda[CTA_ID64]) {
> + u64 id = ntohl(nla_get_be64(cda[CTA_ID64]));
be64_to_cpu()?
But at this point we already uniquely identified the conntrack entry
so the ID check appears to be unneeded?
I never understood existing test either, so this remark isn't specific
to your patch.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
