OpenWrt – Blame information for rev 1
?pathlinks?
Rev | Author | Line No. | Line |
---|---|---|---|
1 | office | 1 | From af4dba1b5d3cbd0bc724fca24d3d01d2878406df Mon Sep 17 00:00:00 2001 |
2 | From: Konstantin Khlebnikov <khlebnikov@yandex-team.ru> |
||
3 | Date: Mon, 11 Dec 2017 18:19:33 +0300 |
||
4 | Subject: [PATCH 318/454] netfilter: ip6t_MASQUERADE: add dependency on |
||
5 | conntrack module |
||
6 | |||
7 | commit 23715275e4fb6f64358a499d20928a9e93819f2f upstream. |
||
8 | |||
9 | After commit 4d3a57f23dec ("netfilter: conntrack: do not enable connection |
||
10 | tracking unless needed") conntrack is disabled by default unless some |
||
11 | module explicitly declares dependency in particular network namespace. |
||
12 | |||
13 | Fixes: a357b3f80bc8 ("netfilter: nat: add dependencies on conntrack module") |
||
14 | Signed-off-by: Konstantin Khlebnikov <khlebnikov@yandex-team.ru> |
||
15 | Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> |
||
16 | --- |
||
17 | net/ipv6/netfilter/ip6t_MASQUERADE.c | 8 +++++++- |
||
18 | 1 file changed, 7 insertions(+), 1 deletion(-) |
||
19 | |||
20 | --- a/net/ipv6/netfilter/ip6t_MASQUERADE.c |
||
21 | +++ b/net/ipv6/netfilter/ip6t_MASQUERADE.c |
||
22 | @@ -33,13 +33,19 @@ static int masquerade_tg6_checkentry(con |
||
23 | |||
24 | if (range->flags & NF_NAT_RANGE_MAP_IPS) |
||
25 | return -EINVAL; |
||
26 | - return 0; |
||
27 | + return nf_ct_netns_get(par->net, par->family); |
||
28 | +} |
||
29 | + |
||
30 | +static void masquerade_tg6_destroy(const struct xt_tgdtor_param *par) |
||
31 | +{ |
||
32 | + nf_ct_netns_put(par->net, par->family); |
||
33 | } |
||
34 | |||
35 | static struct xt_target masquerade_tg6_reg __read_mostly = { |
||
36 | .name = "MASQUERADE", |
||
37 | .family = NFPROTO_IPV6, |
||
38 | .checkentry = masquerade_tg6_checkentry, |
||
39 | + .destroy = masquerade_tg6_destroy, |
||
40 | .target = masquerade_tg6, |
||
41 | .targetsize = sizeof(struct nf_nat_range), |
||
42 | .table = "nat", |