[NETFILTER]: PPTP conntrack: simplify expectation handling

Remove duplicated expectation handling in the NAT helper and simplify the remains in the conntrack helper. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Patrick McHardy <kaber@trash.net> 2006-09-20 15:09:34 -0400
committer: David S. Miller <davem@sunset.davemloft.net> 2006-09-22 18:20:13 -0400
commit: cf9f81523ef3e95d9f222c896d266e4562999150 (patch)
tree: 6fa5175b120b150a28e495a8b87704bb139bbb69 /net
parent: 857c06da2ba2e00b81677c2f6740048d87da0207 (diff)
2 files changed, 34 insertions, 116 deletions
diff --git a/net/ipv4/netfilter/ip_conntrack_helper_pptp.c b/net/ipv4/netfilter/ip_conntrack_helper_pptp.c
index 5f7af6ef3881..57eac6e3871a 100644
--- a/net/ipv4/netfilter/ip_conntrack_helper_pptp.c
+++ b/net/ipv4/netfilter/ip_conntrack_helper_pptp.c
@@ -80,7 +80,7 @@ int
                          struct PptpControlHeader *ctlh,
                          union pptp_ctrl_union *pptpReq);
-int
+void
 (*ip_nat_pptp_hook_exp_gre)(struct ip_conntrack_expect *expect_orig,
                            struct ip_conntrack_expect *expect_reply);
@@ -219,93 +219,63 @@ static void pptp_destroy_siblings(struct ip_conntrack *ct)
 /* expect GRE connections (PNS->PAC and PAC->PNS direction) */
 static inline int
-exp_gre(struct ip_conntrack *master,
+exp_gre(struct ip_conntrack *ct,
        __be16 callid,
        __be16 peer_callid)
 {
-        struct ip_conntrack_tuple inv_tuple;
-        struct ip_conntrack_tuple exp_tuples[] = {
-                /* tuple in original direction, PNS->PAC */
-                { .src = { .ip = master->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.ip,
-                           .u = { .gre = { .key = peer_callid } }
-                         },
-                  .dst = { .ip = master->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.ip,
-                           .u = { .gre = { .key = callid } },
-                           .protonum = IPPROTO_GRE
-                         },
-                 },
-                /* tuple in reply direction, PAC->PNS */
-                { .src = { .ip = master->tuplehash[IP_CT_DIR_REPLY].tuple.src.ip,
-                           .u = { .gre = { .key = callid } }
-                         },
-                  .dst = { .ip = master->tuplehash[IP_CT_DIR_REPLY].tuple.dst.ip,
-                           .u = { .gre = { .key = peer_callid } },
-                           .protonum = IPPROTO_GRE
-                         },
-                 }
-        };
        struct ip_conntrack_expect *exp_orig, *exp_reply;
        int ret = 1;
-        exp_orig = ip_conntrack_expect_alloc(master);
+        exp_orig = ip_conntrack_expect_alloc(ct);
        if (exp_orig == NULL)
                goto out;
-        exp_reply = ip_conntrack_expect_alloc(master);
+        exp_reply = ip_conntrack_expect_alloc(ct);
        if (exp_reply == NULL)
                goto out_put_orig;
-        memcpy(&exp_orig->tuple, &exp_tuples[0], sizeof(exp_orig->tuple));
+        /* original direction, PNS->PAC */
+        exp_orig->tuple.src.ip = ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.ip;
+        exp_orig->tuple.src.u.gre.key = peer_callid;
+        exp_orig->tuple.dst.ip = ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.ip;
+        exp_orig->tuple.dst.u.gre.key = callid;
+        exp_orig->tuple.dst.protonum = IPPROTO_GRE;
        exp_orig->mask.src.ip = 0xffffffff;
        exp_orig->mask.src.u.all = 0;
-        exp_orig->mask.dst.u.all = 0;
        exp_orig->mask.dst.u.gre.key = htons(0xffff);
        exp_orig->mask.dst.ip = 0xffffffff;
        exp_orig->mask.dst.protonum = 0xff;
-        exp_orig->master = master;
+        exp_orig->master = ct;
        exp_orig->expectfn = pptp_expectfn;
        exp_orig->flags = 0;
        /* both expectations are identical apart from tuple */
        memcpy(exp_reply, exp_orig, sizeof(*exp_reply));
-        memcpy(&exp_reply->tuple, &exp_tuples[1], sizeof(exp_reply->tuple));
-        if (ip_nat_pptp_hook_exp_gre)
-                ret = ip_nat_pptp_hook_exp_gre(exp_orig, exp_reply);
-        else {
-                DEBUGP("calling expect_related PNS->PAC");
+        /* reply direction, PAC->PNS */
-                DUMP_TUPLE(&exp_orig->tuple);
+        exp_reply->tuple.src.ip = ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.ip;
+        exp_reply->tuple.src.u.gre.key = callid;
+        exp_reply->tuple.dst.ip = ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.ip;
+        exp_reply->tuple.dst.u.gre.key = peer_callid;
+        exp_reply->tuple.dst.protonum = IPPROTO_GRE;
-                if (ip_conntrack_expect_related(exp_orig) != 0) {
+        if (ip_nat_pptp_hook_exp_gre)
-                        DEBUGP("cannot expect_related()\n");
+                ip_nat_pptp_hook_exp_gre(exp_orig, exp_reply);
-                        goto out_put_both;
+        if (ip_conntrack_expect_related(exp_orig) != 0)
-                }
+                goto out_put_both;
+        if (ip_conntrack_expect_related(exp_reply) != 0)
-                DEBUGP("calling expect_related PAC->PNS");
+                goto out_unexpect_orig;
-                DUMP_TUPLE(&exp_reply->tuple);
+        /* Add GRE keymap entries */
-                if (ip_conntrack_expect_related(exp_reply) != 0) {
+        if (ip_ct_gre_keymap_add(ct, &exp_orig->tuple, 0) != 0)
-                        DEBUGP("cannot expect_related()\n");
+                goto out_unexpect_both;
-                        goto out_unexpect_orig;
+        if (ip_ct_gre_keymap_add(ct, &exp_reply->tuple, 1) != 0) {
-                }
+                ip_ct_gre_keymap_destroy(ct);
+                goto out_unexpect_both;
-                /* Add GRE keymap entries */
-                if (ip_ct_gre_keymap_add(master, &exp_reply->tuple, 0) != 0) {
-                        DEBUGP("cannot keymap_add() exp\n");
-                        goto out_unexpect_both;
-                }
-                invert_tuplepr(&inv_tuple, &exp_reply->tuple);
-                if (ip_ct_gre_keymap_add(master, &inv_tuple, 1) != 0) {
-                        ip_ct_gre_keymap_destroy(master);
-                        DEBUGP("cannot keymap_add() exp_inv\n");
-                        goto out_unexpect_both;
-                }
-                ret = 0;
        }
+        ret = 0;
 out_put_both:
        ip_conntrack_expect_put(exp_reply);
diff --git a/net/ipv4/netfilter/ip_nat_helper_pptp.c b/net/ipv4/netfilter/ip_nat_helper_pptp.c
index 0f5e753b481d..84f6bd09fcd4 100644
--- a/net/ipv4/netfilter/ip_nat_helper_pptp.c
+++ b/net/ipv4/netfilter/ip_nat_helper_pptp.c
@@ -211,80 +211,28 @@ pptp_outbound_pkt(struct sk_buff **pskb,
        return NF_ACCEPT;
 }
-static int
+static void
 pptp_exp_gre(struct ip_conntrack_expect *expect_orig,
             struct ip_conntrack_expect *expect_reply)
 {
-        struct ip_ct_pptp_master *ct_pptp_info =
-                                &expect_orig->master->help.ct_pptp_info;
-        struct ip_nat_pptp *nat_pptp_info =
-                                &expect_orig->master->nat.help.nat_pptp_info;
        struct ip_conntrack *ct = expect_orig->master;
+        struct ip_ct_pptp_master *ct_pptp_info = &ct->help.ct_pptp_info;
-        struct ip_conntrack_tuple inv_t;
+        struct ip_nat_pptp *nat_pptp_info = &ct->nat.help.nat_pptp_info;
-        struct ip_conntrack_tuple *orig_t, *reply_t;
        /* save original PAC call ID in nat_info */
        nat_pptp_info->pac_call_id = ct_pptp_info->pac_call_id;
-        /* alter expectation */
-        orig_t = &ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple;
-        reply_t = &ct->tuplehash[IP_CT_DIR_REPLY].tuple;
        /* alter expectation for PNS->PAC direction */
-        invert_tuplepr(&inv_t, &expect_orig->tuple);
        expect_orig->saved_proto.gre.key = ct_pptp_info->pns_call_id;
        expect_orig->tuple.src.u.gre.key = nat_pptp_info->pns_call_id;
        expect_orig->tuple.dst.u.gre.key = ct_pptp_info->pac_call_id;
        expect_orig->dir = IP_CT_DIR_ORIGINAL;
-        inv_t.src.ip = reply_t->src.ip;
-        inv_t.dst.ip = reply_t->dst.ip;
-        inv_t.src.u.gre.key = nat_pptp_info->pac_call_id;
-        inv_t.dst.u.gre.key = ct_pptp_info->pns_call_id;
-        if (!ip_conntrack_expect_related(expect_orig)) {
-                DEBUGP("successfully registered expect\n");
-        } else {
-                DEBUGP("can't expect_related(expect_orig)\n");
-                return 1;
-        }
        /* alter expectation for PAC->PNS direction */
-        invert_tuplepr(&inv_t, &expect_reply->tuple);
        expect_reply->saved_proto.gre.key = nat_pptp_info->pns_call_id;
        expect_reply->tuple.src.u.gre.key = nat_pptp_info->pac_call_id;
        expect_reply->tuple.dst.u.gre.key = ct_pptp_info->pns_call_id;
        expect_reply->dir = IP_CT_DIR_REPLY;
-        inv_t.src.ip = orig_t->src.ip;
-        inv_t.dst.ip = orig_t->dst.ip;
-        inv_t.src.u.gre.key = nat_pptp_info->pns_call_id;
-        inv_t.dst.u.gre.key = ct_pptp_info->pac_call_id;
-        if (!ip_conntrack_expect_related(expect_reply)) {
-                DEBUGP("successfully registered expect\n");
-        } else {
-                DEBUGP("can't expect_related(expect_reply)\n");
-                ip_conntrack_unexpect_related(expect_orig);
-                return 1;
-        }
-        if (ip_ct_gre_keymap_add(ct, &expect_reply->tuple, 0) < 0) {
-                DEBUGP("can't register original keymap\n");
-                ip_conntrack_unexpect_related(expect_orig);
-                ip_conntrack_unexpect_related(expect_reply);
-                return 1;
-        }
-        if (ip_ct_gre_keymap_add(ct, &inv_t, 1) < 0) {
-                DEBUGP("can't register reply keymap\n");
-                ip_conntrack_unexpect_related(expect_orig);
-                ip_conntrack_unexpect_related(expect_reply);
-                ip_ct_gre_keymap_destroy(ct);
-                return 1;
-        }
-        return 0;
 }
 /* inbound packets == from PAC to PNS */
author	Patrick McHardy <kaber@trash.net>	2006-09-20 15:09:34 -0400
committer	David S. Miller <davem@sunset.davemloft.net>	2006-09-22 18:20:13 -0400
commit	cf9f81523ef3e95d9f222c896d266e4562999150 (patch)
tree	6fa5175b120b150a28e495a8b87704bb139bbb69 /net
parent	857c06da2ba2e00b81677c2f6740048d87da0207 (diff)

diff --git a/net/ipv4/netfilter/ip_conntrack_helper_pptp.c b/net/ipv4/netfilter/ip_conntrack_helper_pptp.c index 5f7af6ef3881..57eac6e3871a 100644 --- a/net/ipv4/netfilter/ip_conntrack_helper_pptp.c +++ b/net/ipv4/netfilter/ip_conntrack_helper_pptp.c
@@ -80,7 +80,7 @@ int
80	struct PptpControlHeader *ctlh,	80	struct PptpControlHeader *ctlh,
81	union pptp_ctrl_union *pptpReq);	81	union pptp_ctrl_union *pptpReq);
82		82
83	int	83	void
84	(ip_nat_pptp_hook_exp_gre)(struct ip_conntrack_expect expect_orig,	84	(ip_nat_pptp_hook_exp_gre)(struct ip_conntrack_expect expect_orig,
85	struct ip_conntrack_expect *expect_reply);	85	struct ip_conntrack_expect *expect_reply);
86		86
@@ -219,93 +219,63 @@ static void pptp_destroy_siblings(struct ip_conntrack *ct)
219		219
220	/* expect GRE connections (PNS->PAC and PAC->PNS direction) */	220	/* expect GRE connections (PNS->PAC and PAC->PNS direction) */
221	static inline int	221	static inline int
222	exp_gre(struct ip_conntrack *master,	222	exp_gre(struct ip_conntrack *ct,
223	__be16 callid,	223	__be16 callid,
224	__be16 peer_callid)	224	__be16 peer_callid)
225	{	225	{
226	struct ip_conntrack_tuple inv_tuple;
227	struct ip_conntrack_tuple exp_tuples[] = {
228	/* tuple in original direction, PNS->PAC */
229	{ .src = { .ip = master->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.ip,
230	.u = { .gre = { .key = peer_callid } }
231	},
232	.dst = { .ip = master->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.ip,
233	.u = { .gre = { .key = callid } },
234	.protonum = IPPROTO_GRE
235	},
236	},
237	/* tuple in reply direction, PAC->PNS */
238	{ .src = { .ip = master->tuplehash[IP_CT_DIR_REPLY].tuple.src.ip,
239	.u = { .gre = { .key = callid } }
240	},
241	.dst = { .ip = master->tuplehash[IP_CT_DIR_REPLY].tuple.dst.ip,
242	.u = { .gre = { .key = peer_callid } },
243	.protonum = IPPROTO_GRE
244	},
245	}
246	};
247	struct ip_conntrack_expect exp_orig, exp_reply;	226	struct ip_conntrack_expect exp_orig, exp_reply;
248	int ret = 1;	227	int ret = 1;
249		228
250	exp_orig = ip_conntrack_expect_alloc(master);	229	exp_orig = ip_conntrack_expect_alloc(ct);
251	if (exp_orig == NULL)	230	if (exp_orig == NULL)
252	goto out;	231	goto out;
253		232
254	exp_reply = ip_conntrack_expect_alloc(master);	233	exp_reply = ip_conntrack_expect_alloc(ct);
255	if (exp_reply == NULL)	234	if (exp_reply == NULL)
256	goto out_put_orig;	235	goto out_put_orig;
257		236
258	memcpy(&exp_orig->tuple, &exp_tuples[0], sizeof(exp_orig->tuple));	237	/* original direction, PNS->PAC */
		238	exp_orig->tuple.src.ip = ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.ip;
		239	exp_orig->tuple.src.u.gre.key = peer_callid;
		240	exp_orig->tuple.dst.ip = ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.ip;
		241	exp_orig->tuple.dst.u.gre.key = callid;
		242	exp_orig->tuple.dst.protonum = IPPROTO_GRE;
259		243
260	exp_orig->mask.src.ip = 0xffffffff;	244	exp_orig->mask.src.ip = 0xffffffff;
261	exp_orig->mask.src.u.all = 0;	245	exp_orig->mask.src.u.all = 0;
262	exp_orig->mask.dst.u.all = 0;
263	exp_orig->mask.dst.u.gre.key = htons(0xffff);	246	exp_orig->mask.dst.u.gre.key = htons(0xffff);
264	exp_orig->mask.dst.ip = 0xffffffff;	247	exp_orig->mask.dst.ip = 0xffffffff;
265	exp_orig->mask.dst.protonum = 0xff;	248	exp_orig->mask.dst.protonum = 0xff;
266		249
267	exp_orig->master = master;	250	exp_orig->master = ct;
268	exp_orig->expectfn = pptp_expectfn;	251	exp_orig->expectfn = pptp_expectfn;
269	exp_orig->flags = 0;	252	exp_orig->flags = 0;
270		253
271	/* both expectations are identical apart from tuple */	254	/* both expectations are identical apart from tuple */
272	memcpy(exp_reply, exp_orig, sizeof(*exp_reply));	255	memcpy(exp_reply, exp_orig, sizeof(*exp_reply));
273	memcpy(&exp_reply->tuple, &exp_tuples[1], sizeof(exp_reply->tuple));
274
275	if (ip_nat_pptp_hook_exp_gre)
276	ret = ip_nat_pptp_hook_exp_gre(exp_orig, exp_reply);
277	else {
278		256
279	DEBUGP("calling expect_related PNS->PAC");	257	/* reply direction, PAC->PNS */
280	DUMP_TUPLE(&exp_orig->tuple);	258	exp_reply->tuple.src.ip = ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.ip;
		259	exp_reply->tuple.src.u.gre.key = callid;
		260	exp_reply->tuple.dst.ip = ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.ip;
		261	exp_reply->tuple.dst.u.gre.key = peer_callid;
		262	exp_reply->tuple.dst.protonum = IPPROTO_GRE;
281		263
282	if (ip_conntrack_expect_related(exp_orig) != 0) {	264	if (ip_nat_pptp_hook_exp_gre)
283	DEBUGP("cannot expect_related()\n");	265	ip_nat_pptp_hook_exp_gre(exp_orig, exp_reply);
284	goto out_put_both;	266	if (ip_conntrack_expect_related(exp_orig) != 0)
285	}	267	goto out_put_both;
286		268	if (ip_conntrack_expect_related(exp_reply) != 0)
287	DEBUGP("calling expect_related PAC->PNS");	269	goto out_unexpect_orig;
288	DUMP_TUPLE(&exp_reply->tuple);	270
289		271	/* Add GRE keymap entries */
290	if (ip_conntrack_expect_related(exp_reply) != 0) {	272	if (ip_ct_gre_keymap_add(ct, &exp_orig->tuple, 0) != 0)
291	DEBUGP("cannot expect_related()\n");	273	goto out_unexpect_both;
292	goto out_unexpect_orig;	274	if (ip_ct_gre_keymap_add(ct, &exp_reply->tuple, 1) != 0) {
293	}	275	ip_ct_gre_keymap_destroy(ct);
294		276	goto out_unexpect_both;
295	/* Add GRE keymap entries */
296	if (ip_ct_gre_keymap_add(master, &exp_reply->tuple, 0) != 0) {
297	DEBUGP("cannot keymap_add() exp\n");
298	goto out_unexpect_both;
299	}
300
301	invert_tuplepr(&inv_tuple, &exp_reply->tuple);
302	if (ip_ct_gre_keymap_add(master, &inv_tuple, 1) != 0) {
303	ip_ct_gre_keymap_destroy(master);
304	DEBUGP("cannot keymap_add() exp_inv\n");
305	goto out_unexpect_both;
306	}
307	ret = 0;
308	}	277	}
		278	ret = 0;
309		279
310	out_put_both:	280	out_put_both:
311	ip_conntrack_expect_put(exp_reply);	281	ip_conntrack_expect_put(exp_reply);


diff --git a/net/ipv4/netfilter/ip_nat_helper_pptp.c b/net/ipv4/netfilter/ip_nat_helper_pptp.c index 0f5e753b481d..84f6bd09fcd4 100644 --- a/net/ipv4/netfilter/ip_nat_helper_pptp.c +++ b/net/ipv4/netfilter/ip_nat_helper_pptp.c
@@ -211,80 +211,28 @@ pptp_outbound_pkt(struct sk_buff **pskb,
211	return NF_ACCEPT;	211	return NF_ACCEPT;
212	}	212	}
213		213
214	static int	214	static void
215	pptp_exp_gre(struct ip_conntrack_expect *expect_orig,	215	pptp_exp_gre(struct ip_conntrack_expect *expect_orig,
216	struct ip_conntrack_expect *expect_reply)	216	struct ip_conntrack_expect *expect_reply)
217	{	217	{
218	struct ip_ct_pptp_master *ct_pptp_info =
219	&expect_orig->master->help.ct_pptp_info;
220	struct ip_nat_pptp *nat_pptp_info =
221	&expect_orig->master->nat.help.nat_pptp_info;
222
223	struct ip_conntrack *ct = expect_orig->master;	218	struct ip_conntrack *ct = expect_orig->master;
224		219	struct ip_ct_pptp_master *ct_pptp_info = &ct->help.ct_pptp_info;
225	struct ip_conntrack_tuple inv_t;	220	struct ip_nat_pptp *nat_pptp_info = &ct->nat.help.nat_pptp_info;
226	struct ip_conntrack_tuple orig_t, reply_t;
227		221
228	/* save original PAC call ID in nat_info */	222	/* save original PAC call ID in nat_info */
229	nat_pptp_info->pac_call_id = ct_pptp_info->pac_call_id;	223	nat_pptp_info->pac_call_id = ct_pptp_info->pac_call_id;
230		224
231	/* alter expectation */
232	orig_t = &ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple;
233	reply_t = &ct->tuplehash[IP_CT_DIR_REPLY].tuple;
234
235	/* alter expectation for PNS->PAC direction */	225	/* alter expectation for PNS->PAC direction */
236	invert_tuplepr(&inv_t, &expect_orig->tuple);
237	expect_orig->saved_proto.gre.key = ct_pptp_info->pns_call_id;	226	expect_orig->saved_proto.gre.key = ct_pptp_info->pns_call_id;
238	expect_orig->tuple.src.u.gre.key = nat_pptp_info->pns_call_id;	227	expect_orig->tuple.src.u.gre.key = nat_pptp_info->pns_call_id;
239	expect_orig->tuple.dst.u.gre.key = ct_pptp_info->pac_call_id;	228	expect_orig->tuple.dst.u.gre.key = ct_pptp_info->pac_call_id;
240	expect_orig->dir = IP_CT_DIR_ORIGINAL;	229	expect_orig->dir = IP_CT_DIR_ORIGINAL;
241	inv_t.src.ip = reply_t->src.ip;
242	inv_t.dst.ip = reply_t->dst.ip;
243	inv_t.src.u.gre.key = nat_pptp_info->pac_call_id;
244	inv_t.dst.u.gre.key = ct_pptp_info->pns_call_id;
245
246	if (!ip_conntrack_expect_related(expect_orig)) {
247	DEBUGP("successfully registered expect\n");
248	} else {
249	DEBUGP("can't expect_related(expect_orig)\n");
250	return 1;
251	}
252		230
253	/* alter expectation for PAC->PNS direction */	231	/* alter expectation for PAC->PNS direction */
254	invert_tuplepr(&inv_t, &expect_reply->tuple);
255	expect_reply->saved_proto.gre.key = nat_pptp_info->pns_call_id;	232	expect_reply->saved_proto.gre.key = nat_pptp_info->pns_call_id;
256	expect_reply->tuple.src.u.gre.key = nat_pptp_info->pac_call_id;	233	expect_reply->tuple.src.u.gre.key = nat_pptp_info->pac_call_id;
257	expect_reply->tuple.dst.u.gre.key = ct_pptp_info->pns_call_id;	234	expect_reply->tuple.dst.u.gre.key = ct_pptp_info->pns_call_id;
258	expect_reply->dir = IP_CT_DIR_REPLY;	235	expect_reply->dir = IP_CT_DIR_REPLY;
259	inv_t.src.ip = orig_t->src.ip;
260	inv_t.dst.ip = orig_t->dst.ip;
261	inv_t.src.u.gre.key = nat_pptp_info->pns_call_id;
262	inv_t.dst.u.gre.key = ct_pptp_info->pac_call_id;
263
264	if (!ip_conntrack_expect_related(expect_reply)) {
265	DEBUGP("successfully registered expect\n");
266	} else {
267	DEBUGP("can't expect_related(expect_reply)\n");
268	ip_conntrack_unexpect_related(expect_orig);
269	return 1;
270	}
271
272	if (ip_ct_gre_keymap_add(ct, &expect_reply->tuple, 0) < 0) {
273	DEBUGP("can't register original keymap\n");
274	ip_conntrack_unexpect_related(expect_orig);
275	ip_conntrack_unexpect_related(expect_reply);
276	return 1;
277	}
278
279	if (ip_ct_gre_keymap_add(ct, &inv_t, 1) < 0) {
280	DEBUGP("can't register reply keymap\n");
281	ip_conntrack_unexpect_related(expect_orig);
282	ip_conntrack_unexpect_related(expect_reply);
283	ip_ct_gre_keymap_destroy(ct);
284	return 1;
285	}
286
287	return 0;
288	}	236	}
289		237
290	/* inbound packets == from PAC to PNS */	238	/* inbound packets == from PAC to PNS */