Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-11-06 03:51:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

netfilter: conntrack: increase drop stats if sequence adjustment fails

Browse Source 
This patch increases the statistics of packets drop if the sequence
adjustment fails in ipv4_confirm().

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>
This commit is contained in:
Pablo Neira Ayuso 2009-03-16 15:18:50 +01:00 committed by Patrick McHardy
parent 67c0d57930
commit 1db7a748df
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
View File

@ -120,9 +120,11 @@ static unsigned int ipv4_confirm(unsigned int hooknum,
typeof(nf_nat_seq_adjust_hook) seq_adjust;
seq_adjust = rcu_dereference(nf_nat_seq_adjust_hook);
if (!seq_adjust || !seq_adjust(skb, ct, ctinfo))
if (!seq_adjust || !seq_adjust(skb, ct, ctinfo)) {
NF_CT_STAT_INC_ATOMIC(nf_ct_net(ct), drop);
return NF_DROP;
}
}
out:
/* We've seen it coming out the other side: confirm it */
return nf_conntrack_confirm(skb);