From 2473a408abdd79fb4b24c5c56f769791203c0cd8 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Thu, 11 Dec 2008 19:05:58 +0100
Subject: build: do not inconditionally include TCP state into netlink message

This patch remove the inconditional inclusion of the TCP state
attribute in netlink messages. We cannot assume this for update
messages.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/conntrack/build.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'src/conntrack')

diff --git a/src/conntrack/build.c b/src/conntrack/build.c
index f9d6f8e..35abe05 100644
--- a/src/conntrack/build.c
+++ b/src/conntrack/build.c
@@ -106,8 +106,11 @@ void __build_protoinfo(struct nfnlhdr *req,
 	case IPPROTO_TCP:
 		nest = nfnl_nest(&req->nlh, size, CTA_PROTOINFO);
 		nest_proto = nfnl_nest(&req->nlh, size, CTA_PROTOINFO_TCP);
-		nfnl_addattr_l(&req->nlh, size, CTA_PROTOINFO_TCP_STATE,
-			       &ct->protoinfo.tcp.state, sizeof(u_int8_t));
+		if (test_bit(ATTR_TCP_STATE, ct->set))
+			nfnl_addattr_l(&req->nlh, size,
+				       CTA_PROTOINFO_TCP_STATE,
+				       &ct->protoinfo.tcp.state,
+				       sizeof(u_int8_t));
 		if (test_bit(ATTR_TCP_FLAGS_ORIG, ct->set) &&
 		    test_bit(ATTR_TCP_MASK_ORIG, ct->set))
 			nfnl_addattr_l(&req->nlh, size,
-- 
cgit v1.2.3