summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
author/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org </C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org>2007-06-04 11:06:31 +0000
committer/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org </C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org>2007-06-04 11:06:31 +0000
commit5f47ff72a4928bb989ca6347ce957dc03c0b929e (patch)
treeb90fae936c90571eb984a04ed46216a13dbbd15a
parent63965deb5fff9f06b72dd71abf6596d46cdfea5c (diff)
fix invalid argument error: status flags may not be present in update messages
-rw-r--r--src/conntrack/build.c9
1 files changed, 7 insertions, 2 deletions
diff --git a/src/conntrack/build.c b/src/conntrack/build.c
index e8d5276..774e3c5 100644
--- a/src/conntrack/build.c
+++ b/src/conntrack/build.c
@@ -252,8 +252,13 @@ int __build_conntrack(struct nfnl_subsys_handle *ssh,
__build_tuple(req, size, &ct->tuple[__DIR_ORIG], CTA_TUPLE_ORIG);
__build_tuple(req, size, &ct->tuple[__DIR_REPL], CTA_TUPLE_REPLY);
- /* always build IPS_CONFIRMED */
- __build_status(req, size, ct);
+ if (test_bit(ATTR_STATUS, ct->set))
+ __build_status(req, size, ct);
+ else {
+ /* build IPS_CONFIRMED if we're creating a new conntrack */
+ if (type == IPCTNL_MSG_CT_NEW && flags & NLM_F_CREATE)
+ __build_status(req, size, ct);
+ }
if (test_bit(ATTR_TIMEOUT, ct->set))
__build_timeout(req, size, ct);