aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKOVACS Krisztian <hidden@balabit.hu>2005-11-14 18:23:01 -0500
committerDavid S. Miller <davem@davemloft.net>2005-11-14 18:23:01 -0500
commit3746a2b1402e7933c7f1eabdce384b8454dc2ef7 (patch)
tree154061b5e4f038a490173370c53472d077fec4ef
parent56558208521729fa6b2a0f12df22e1569dee297a (diff)
[NETFILTER] nf_conntrack: Add missing code to TCP conntrack module
Looks like the nf_conntrack TCP code was slightly mismerged: it does not contain an else branch present in the IPv4 version. Let's add that code and make the testsuite happy. Signed-off-by: KOVACS Krisztian <hidden@balabit.hu> Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--net/netfilter/nf_conntrack_proto_tcp.c6
1 files changed, 6 insertions, 0 deletions
diff --git a/net/netfilter/nf_conntrack_proto_tcp.c b/net/netfilter/nf_conntrack_proto_tcp.c
index 156680ddb042..5a6fcf349bdf 100644
--- a/net/netfilter/nf_conntrack_proto_tcp.c
+++ b/net/netfilter/nf_conntrack_proto_tcp.c
@@ -970,6 +970,12 @@ static int tcp_packet(struct nf_conn *conntrack,
970 conntrack->timeout.function((unsigned long) 970 conntrack->timeout.function((unsigned long)
971 conntrack); 971 conntrack);
972 return -NF_REPEAT; 972 return -NF_REPEAT;
973 } else {
974 write_unlock_bh(&tcp_lock);
975 if (LOG_INVALID(IPPROTO_TCP))
976 nf_log_packet(pf, 0, skb, NULL, NULL,
977 NULL, "nf_ct_tcp: invalid SYN");
978 return -NF_ACCEPT;
973 } 979 }
974 case TCP_CONNTRACK_CLOSE: 980 case TCP_CONNTRACK_CLOSE:
975 if (index == TCP_RST_SET 981 if (index == TCP_RST_SET