Hello,
I just tried to apply the recommended patch to a pristine 2.4.20
kernel and the following part fails:
diff -urN --exclude-from=diff.exclude linux-2.4.20-base/net/ipv4/netfilter/ip_conntrack_proto_tcp.c linux-2.4.20-del/net/ipv4/netfilter/ip_conntrack_proto_tcp.c
--- linux-2.4.20-base/net/ipv4/netfilter/ip_conntrack_proto_tcp.c Tue Feb 18 17:07:26 2003
+++ linux-2.4.20-del/net/ipv4/netfilter/ip_conntrack_proto_tcp.c Fri Feb 21 17:03:35 2003
@@ -192,7 +192,7 @@
have an established connection: this is a fairly common
problem case, so we can delete the conntrack
immediately. --RR */
- if (!(conntrack->status & IPS_SEEN_REPLY) && tcph->rst) {
+ if (!test_bit(IPS_SEEN_REPLY_BIT, &conntrack->status) && tcph->rst) {
WRITE_UNLOCK(&tcp_lock);
if (del_timer(&conntrack->timeout))
conntrack->timeout.function((unsigned long)conntrack);
In the original 2.4.20 ip_contrack_prot_tcp the code looks like
follows (starting at line 189):
WRITE_UNLOCK(&tcp_lock);
/* If only reply is a RST, we can consider ourselves not to
have an established connection: this is a fairly common
problem case, so we can delete the conntrack
immediately. --RR */
if (!(conntrack->status & IPS_SEEN_REPLY) && tcph->rst) {
if (del_timer(&conntrack->timeout))
conntrack->timeout.function((unsigned long)conntrack);
The WRITE_UNLOCK ist not part of the if clause, it is done before
checking the conntrack state. Therefore the patch fails at this point.
Is this a bug in the patch, in the linux archive or did I do anything
wrong?
regards,
Jean
