diff options
author | Richard Weinberger <richard@nod.at> | 2011-01-18 03:36:57 +0300 |
---|---|---|
committer | Jan Engelhardt <jengelh@medozas.de> | 2011-01-18 08:50:41 +0300 |
commit | 1cc34c30be0e27d4ba8c1ce04a8a4f46c927d121 (patch) | |
tree | 07c952c92dfe061bc578856ea1314c5207b19893 | |
parent | ae9d67aff60af59548b6c7d1a74febea09660122 (diff) | |
download | linux-1cc34c30be0e27d4ba8c1ce04a8a4f46c927d121.tar.xz |
netfilter: xt_connlimit: use hotdrop jump mark
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
-rw-r--r-- | net/netfilter/xt_connlimit.c | 6 |
1 files changed, 2 insertions, 4 deletions
diff --git a/net/netfilter/xt_connlimit.c b/net/netfilter/xt_connlimit.c index 5c5b6b921b84..452bc16af56c 100644 --- a/net/netfilter/xt_connlimit.c +++ b/net/netfilter/xt_connlimit.c @@ -204,11 +204,9 @@ connlimit_mt(const struct sk_buff *skb, struct xt_action_param *par) &info->mask, par->family); spin_unlock_bh(&info->data->lock); - if (connections < 0) { + if (connections < 0) /* kmalloc failed, drop it entirely */ - par->hotdrop = true; - return false; - } + goto hotdrop; return (connections > info->limit) ^ info->inverse; |