diff options
| author | Pablo Neira Ayuso | 2006-01-05 21:18:25 +0100 |
|---|---|---|
| committer | David S. Miller | 2006-01-05 21:18:25 +0100 |
| commit | d4d6bb41e09f07668ca2655da707eab936e8e8f0 (patch) | |
| tree | a785fa9ade81b7591ff33c54a23fbcf234f296f5 /net/ipv4 | |
| parent | [NETFILTER]: ctnetlink: ctnetlink_event cleanup (diff) | |
| download | kernel-qcow2-linux-d4d6bb41e09f07668ca2655da707eab936e8e8f0.tar.gz kernel-qcow2-linux-d4d6bb41e09f07668ca2655da707eab936e8e8f0.tar.xz kernel-qcow2-linux-d4d6bb41e09f07668ca2655da707eab936e8e8f0.zip | |
[NETFILTER]: ctnetlink: fix conntrack mark race
Set conntrack mark before it is in hashes.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4')
| -rw-r--r-- | net/ipv4/netfilter/ip_conntrack_netlink.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/net/ipv4/netfilter/ip_conntrack_netlink.c b/net/ipv4/netfilter/ip_conntrack_netlink.c index 04137d0c164c..df04ad873cc2 100644 --- a/net/ipv4/netfilter/ip_conntrack_netlink.c +++ b/net/ipv4/netfilter/ip_conntrack_netlink.c @@ -1031,6 +1031,11 @@ ctnetlink_create_conntrack(struct nfattr *cda[], return err; } +#if defined(CONFIG_IP_NF_CONNTRACK_MARK) + if (cda[CTA_MARK-1]) + ct->mark = ntohl(*(u_int32_t *)NFA_DATA(cda[CTA_MARK-1])); +#endif + ct->helper = ip_conntrack_helper_find_get(rtuple); add_timer(&ct->timeout); @@ -1039,11 +1044,6 @@ ctnetlink_create_conntrack(struct nfattr *cda[], if (ct->helper) ip_conntrack_helper_put(ct->helper); -#if defined(CONFIG_IP_NF_CONNTRACK_MARK) - if (cda[CTA_MARK-1]) - ct->mark = ntohl(*(u_int32_t *)NFA_DATA(cda[CTA_MARK-1])); -#endif - DEBUGP("conntrack with id %u inserted\n", ct->id); return 0; |