Commit 14a32d80 authored by Rusty Russell's avatar Rusty Russell Committed by David S. Miller

[NETFILTER]: Fix ipchains oops in NAT

We updated ip_nat_setup_info to set the initialized flag and call
place_in_hashes, but *didn't* change the call in ip_fw_compat_masq.c
which also calls place_in_hashes() itself (again!).  Result: corrupt
list, and next thing which lands in the same hash bucket goes boom.

Thanks to Andy Polyakov for chasing this down.
parent 9c598011
...@@ -91,9 +91,6 @@ do_masquerade(struct sk_buff **pskb, const struct net_device *dev) ...@@ -91,9 +91,6 @@ do_masquerade(struct sk_buff **pskb, const struct net_device *dev)
WRITE_UNLOCK(&ip_nat_lock); WRITE_UNLOCK(&ip_nat_lock);
return ret; return ret;
} }
place_in_hashes(ct, info);
info->initialized = 1;
} else } else
DEBUGP("Masquerading already done on this conn.\n"); DEBUGP("Masquerading already done on this conn.\n");
WRITE_UNLOCK(&ip_nat_lock); WRITE_UNLOCK(&ip_nat_lock);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment