linux/net/ipv4/netfilter
Rusty Russell 4acdbdbe50 [NETFILTER]: ip_conntrack_expect_related must not free expectation
If a connection tracking helper tells us to expect a connection, and
we're already expecting that connection, we simply free the one they
gave us and return success.

The problem is that NAT helpers (eg. FTP) have to allocate the
expectation first (to see what port is available) then rewrite the
packet.  If that rewrite fails, they try to remove the expectation,
but it was freed in ip_conntrack_expect_related.

This is one example of a larger problem: having registered the
expectation, the pointer is no longer ours to use.  Reference counting
is needed for ctnetlink anyway, so introduce it now.

To have a single "put" path, we need to grab the reference to the
connection on creation, rather than open-coding it in the caller.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-07-21 13:14:46 -07:00
..
arp_tables.c [NETFILTER]: Kill lockhelp.h 2005-06-21 14:01:30 -07:00
arpt_mangle.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
arptable_filter.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ip_conntrack_amanda.c [NETFILTER]: ip_conntrack_expect_related must not free expectation 2005-07-21 13:14:46 -07:00
ip_conntrack_core.c [NETFILTER]: ip_conntrack_expect_related must not free expectation 2005-07-21 13:14:46 -07:00
ip_conntrack_ftp.c [NETFILTER]: ip_conntrack_expect_related must not free expectation 2005-07-21 13:14:46 -07:00
ip_conntrack_irc.c [NETFILTER]: ip_conntrack_expect_related must not free expectation 2005-07-21 13:14:46 -07:00
ip_conntrack_proto_generic.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ip_conntrack_proto_icmp.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ip_conntrack_proto_sctp.c [NETFILTER]: Kill lockhelp.h 2005-06-21 14:01:30 -07:00
ip_conntrack_proto_tcp.c [NETFILTER]: Kill lockhelp.h 2005-06-21 14:01:30 -07:00
ip_conntrack_proto_udp.c [NETFILTER]: Avoid unncessary checksum validation in UDP connection tracking 2005-06-21 14:03:23 -07:00
ip_conntrack_standalone.c [NETFILTER]: ip_conntrack_expect_related must not free expectation 2005-07-21 13:14:46 -07:00
ip_conntrack_tftp.c [NETFILTER]: ip_conntrack_expect_related must not free expectation 2005-07-21 13:14:46 -07:00
ip_nat_amanda.c [NETFILTER]: ip_conntrack_expect_related must not free expectation 2005-07-21 13:14:46 -07:00
ip_nat_core.c [NETFILTER]: Kill lockhelp.h 2005-06-21 14:01:30 -07:00
ip_nat_ftp.c [NETFILTER]: ip_conntrack_expect_related must not free expectation 2005-07-21 13:14:46 -07:00
ip_nat_helper.c [NETFILTER]: Kill nf_debug 2005-06-21 14:01:57 -07:00
ip_nat_irc.c [NETFILTER]: ip_conntrack_expect_related must not free expectation 2005-07-21 13:14:46 -07:00
ip_nat_proto_icmp.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ip_nat_proto_tcp.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ip_nat_proto_udp.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ip_nat_proto_unknown.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ip_nat_rule.c [NETFILTER]: Kill lockhelp.h 2005-06-21 14:01:30 -07:00
ip_nat_snmp_basic.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ip_nat_standalone.c [NETFILTER]: Kill lockhelp.h 2005-06-21 14:01:30 -07:00
ip_nat_tftp.c [NETFILTER]: ip_conntrack_expect_related must not free expectation 2005-07-21 13:14:46 -07:00
ip_queue.c [NETFILTER]: Fix deadlock with ip_queue and tcp local input path. 2005-05-30 15:35:26 -07:00
ip_tables.c [NETFILTER]: Kill lockhelp.h 2005-06-21 14:01:30 -07:00
ipt_addrtype.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_ah.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_CLASSIFY.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_CLUSTERIP.c [NETFILTER]: ipt_CLUSTERIP: fix ARP mangling 2005-06-28 12:49:30 -07:00
ipt_comment.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_connmark.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_CONNMARK.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_conntrack.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_dscp.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_DSCP.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_ecn.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_ECN.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_esp.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_hashlimit.c [NETFILTER]: Kill lockhelp.h 2005-06-21 14:01:30 -07:00
ipt_helper.c [NETFILTER]: Kill lockhelp.h 2005-06-21 14:01:30 -07:00
ipt_iprange.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_length.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_limit.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_LOG.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_mac.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_mark.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_MARK.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_MASQUERADE.c [NETFILTER]: Kill lockhelp.h 2005-06-21 14:01:30 -07:00
ipt_multiport.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_NETMAP.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_NOTRACK.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_owner.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_physdev.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_pkttype.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_realm.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_recent.c [NETFILTER]: ipt_recent: last_pkts is an array of "unsigned long" not "u_int32_t" 2005-06-15 20:51:14 -07:00
ipt_REDIRECT.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_REJECT.c [NETFILTER]: Check TCP checksum in ipt_REJECT 2005-06-21 14:03:46 -07:00
ipt_SAME.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_sctp.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_state.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_tcpmss.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_TCPMSS.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_tos.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_TOS.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_ttl.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_ULOG.c [NETFILTER]: Kill lockhelp.h 2005-06-21 14:01:30 -07:00
iptable_filter.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
iptable_mangle.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
iptable_raw.c [NETFILTER]: Missing owner-field initialization in iptable_raw 2005-05-03 14:23:13 -07:00
Kconfig Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
Makefile Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00