summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2009-07-21 16:58:43 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2009-07-21 16:58:43 +0200
commit817f847b52bb05c924491deb994194fd5c1c3ba2 (patch)
tree7bdcb3189824536353c53113210e41ad03ec76da
parente55321739fa5e04920feeb2a25b02073d8eb9e10 (diff)
conntrackd: use conntrack ID in the cache lookup
This patch adds the conntrack ID to the comparison that is made in the lookup of entries that are stored in the cache. For old kernels, this field is set to zero for all entries so this patch does not make any difference. For recent kernels, this allows to keep two entries with the same tuple and different IDs: this is possible if NetlinkEventsReliable is set on. Moreover, this patch is useful to test the reliable ctnetlink event delivery in 2.6.31 works fine. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-rw-r--r--src/cache.c4
1 files changed, 3 insertions, 1 deletions
diff --git a/src/cache.c b/src/cache.c
index f95bef6..ccdce86 100644
--- a/src/cache.c
+++ b/src/cache.c
@@ -90,7 +90,9 @@ static int compare(const void *data1, const void *data2)
const struct cache_object *obj = data1;
const struct nf_conntrack *ct = data2;
- return nfct_cmp(obj->ct, ct, NFCT_CMP_ORIG);
+ return nfct_cmp(obj->ct, ct, NFCT_CMP_ORIG) &&
+ nfct_get_attr_u32(obj->ct, ATTR_ID) ==
+ nfct_get_attr_u32(ct, ATTR_ID);
}
struct cache_feature *cache_feature[CACHE_MAX_FEATURE] = {