Message ID | 1536124490-86810-2-git-send-email-dlu998@gmail.com |
---|---|
State | Superseded |
Delegated to: | Justin Pettit |
Headers | show |
Series | [ovs-dev,v2,1/6] conntrack: Handle self nat case. | expand |
diff --git a/lib/conntrack.c b/lib/conntrack.c index 15984d2..4b53e82 100644 --- a/lib/conntrack.c +++ b/lib/conntrack.c @@ -2574,7 +2574,7 @@ conntrack_flush_tuple(struct conntrack *ct, const struct ct_dpif_tuple *tuple, ct_lock_lock(&ct->buckets[bucket].lock); conn_key_lookup(&ct->buckets[bucket], &ctx, time_msec()); - if (ctx.conn) { + if (ctx.conn && ctx.conn->conn_type == CT_CONN_TYPE_DEFAULT) { conn_clean(ct, ctx.conn, &ct->buckets[bucket]); } else { error = ENOENT;
The user should only reference a conntrack entry by the forward direction context, as per 'conntrack_flush()', enforce this by checking for 'default' conn_type. Needs backporting to 2.9. Fixes: 271e48a0e244 ("conntrack: Support conntrack flush by ct 5-tuple") Signed-off-by: Darrell Ball <dlu998@gmail.com> --- lib/conntrack.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)