]> git.itanic.dy.fi Git - linux-stable/commit
projects / linux-stable / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1689f25) | patch
netfilter: conntrack: gre: don't set assured flag for clash entries
authorFlorian Westphal <fw@strlen.de>
Mon, 3 Jul 2023 11:43:18 +0000 (13:43 +0200)
committerPablo Neira Ayuso <pablo@netfilter.org>
Wed, 5 Jul 2023 12:42:15 +0000 (14:42 +0200)
commit8a9dc07ba92497a81f1ff65d25c2ba7b6f9a8bdc
treeef341573e9866293fa24d12992172fcccc95e37ctree | snapshot
parent1689f25924ada8fe14a4a82c38925d04994c7142commit | diff
netfilter: conntrack: gre: don't set assured flag for clash entries

Now that conntrack core is allowd to insert clashing entries, make sure
GRE won't set assured flag on NAT_CLASH entries, just like UDP.

Doing so prevents early_drop logic for these entries.

Fixes: d671fd82eaa9 ("netfilter: conntrack: allow insertion clash of gre protocol")
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/netfilter/nf_conntrack_proto_gre.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.