diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2012-09-21 18:52:08 +0400 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2012-09-24 16:29:40 +0400 |
commit | 7be54ca4764bdead40bee7b645a72718c20ff2c8 (patch) | |
tree | da27254d7fe7dd96555668d5369a0e2dcc9bc769 /net/netfilter/nfnetlink_cthelper.c | |
parent | 54eb3df3a7d01b6cd395bdc1098280f2f93fbec5 (diff) | |
download | linux-7be54ca4764bdead40bee7b645a72718c20ff2c8.tar.xz |
netfilter: nf_ct_ftp: add sequence tracking pickup facility for injected entries
This patch allows the FTP helper to pickup the sequence tracking from
the first packet seen. This is useful to fix the breakage of the first
FTP command after the failover while using conntrackd to synchronize
states.
The seq_aft_nl_num field in struct nf_ct_ftp_info has been shrinked to
16-bits (enough for what it does), so we can use the remaining 16-bits
to store the flags while using the same size for the private FTP helper
data.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter/nfnetlink_cthelper.c')
-rw-r--r-- | net/netfilter/nfnetlink_cthelper.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/net/netfilter/nfnetlink_cthelper.c b/net/netfilter/nfnetlink_cthelper.c index 3678073360a3..945950a8b1f1 100644 --- a/net/netfilter/nfnetlink_cthelper.c +++ b/net/netfilter/nfnetlink_cthelper.c @@ -85,6 +85,9 @@ nfnl_cthelper_from_nlattr(struct nlattr *attr, struct nf_conn *ct) { const struct nf_conn_help *help = nfct_help(ct); + if (attr == NULL) + return -EINVAL; + if (help->helper->data_len == 0) return -EINVAL; |