conntrack: do not set on NLM_F_ACK in IPCTNL_MSG_CT_GET requests

GET requests report either error via NLMSG_ERROR or the corresponding
entry, therefore, there is always a reply from the kernel.

The NLM_F_ACK flag results in two netlink messages as reply in case of
success for GET requests, one containing the entry and another with the
explicit acknowledgment.

nfct_mnl_request() leaves the explicit acknowledment in the buffer,
filling it up with unhandled netlink messages, leading to the following
error:

 conntrack v1.4.7 (conntrack-tools): Operation failed: No buffer space available

Fixes: b7a396b70015 ("conntrack: use libmnl for updating conntrack table")
Reported-by: Tony He <huangya90@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

0 files changed, 0 insertions, 0 deletions