mirrors/linux
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2025-01-24 17:23:25 -05:00
Code Activity

net/sched: act_ct: fix err check for nf_conntrack_confirm

Browse source 
The confirm operation should be checked. If there are any failed,
the packet should be dropped like in ovs and netfilter.

Fixes: b57dc7c13e ("net/sched: Introduce action ct")
Signed-off-by: wenxu <wenxu@ucloud.cn>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
wenxu 2021-07-02 11:34:31 +08:00 committed by David S. Miller
parent 1bfa4d0cb5
commit 8955b90c3c
1 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
net/sched/act_ct.c
View file

@ -1026,7 +1026,8 @@ do_nat:
/* This will take care of sending queued events
* even if the connection is already confirmed.
*/
nf_conntrack_confirm(skb);
if (nf_conntrack_confirm(skb) != NF_ACCEPT)
goto drop;
}
if (!skip_add)