]> git.pld-linux.org Git - packages/kernel.git/blobdiff - kernel-layer7.patch
projects / packages / kernel.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
- 5.4.272
[packages/kernel.git] / kernel-layer7.patch
diff --git a/kernel-layer7.patch b/kernel-layer7.patch
index 612c295da23c69ec92f689b8eae1627e4afc7c0b..b7390a088f5546dcd0f3b19e466d02ef692ef520 100644 (file)
--- a/kernel-layer7.patch
+++ b/kernel-layer7.patch
@@ -2050,7 +2050,7 @@
 --- linux-2.6.28-stock/net/netfilter/nf_conntrack_core.c       2009-01-07 16:05:35.000000000 -0600
 +++ linux-2.6.28/net/netfilter/nf_conntrack_core.c     2009-01-07 16:07:31.000000000 -0600
 @@ -201,6 +201,14 @@ destroy_conntrack(struct nf_conntrack *n
-        * too. */
+        */
        nf_ct_remove_expectations(ct);
  
 +      #if defined(CONFIG_NETFILTER_XT_MATCH_LAYER7) || defined(CONFIG_NETFILTER_XT_MATCH_LAYER7_MODULE)
@@ -2061,13 +2061,13 @@
 +      #endif
 +
 +
-       /* We overload first tuple to link into unconfirmed or dying list.*/
-       BUG_ON(hlist_nulls_unhashed(&ct->tuplehash[IP_CT_DIR_ORIGINAL].hnnode));
-       hlist_nulls_del_rcu(&ct->tuplehash[IP_CT_DIR_ORIGINAL].hnnode);
+       nf_ct_del_from_dying_or_unconfirmed_list(ct);
+       local_bh_enable();
 --- linux-2.6.28-stock/net/netfilter/nf_conntrack_standalone.c 2009-01-07 16:05:35.000000000 -0600
 +++ linux-2.6.28/net/netfilter/nf_conntrack_standalone.c       2009-01-07 16:07:31.000000000 -0600
 @@ -165,6 +165,12 @@ static int ct_seq_show(struct seq_file *
+       ct_show_zone(s, ct, NF_CT_DEFAULT_ZONE_DIR);
        ct_show_delta_time(s, ct);
  
 +#if defined(CONFIG_NETFILTER_XT_MATCH_LAYER7) || defined(CONFIG_NETFILTER_XT_MATCH_LAYER7_MODULE)
@@ -2081,12 +2081,12 @@
        if (seq_has_overflowed(s))
 --- linux-2.6.28-stock/include/net/netfilter/nf_conntrack.h    2009-01-07 16:05:30.000000000 -0600
 +++ linux-2.6.28/include/net/netfilter/nf_conntrack.h  2009-01-07 16:07:31.000000000 -0600
-@@ -118,6 +118,22 @@ struct nf_conn
-       struct net *ct_net;
- #endif
+@@ -120,6 +120,22 @@ struct nf_conn {
+       /* Extensions */
+       struct nf_ct_ext *ext;
  
 +#if defined(CONFIG_NETFILTER_XT_MATCH_LAYER7) || \
-+    defined(CONFIG_NETFILTER_XT_MATCH_LAYER7_MODULE)
++      defined(CONFIG_NETFILTER_XT_MATCH_LAYER7_MODULE)
 +      struct {
 +              /*
 +               * e.g. "http". NULL before decision. "unknown" after decision
@@ -2103,7 +2103,7 @@
 +
        /* Storage reserved for other modules, must be the last member */
        union nf_conntrack_proto proto;
+ };
 --- linux-2.6.28-stock/include/linux/netfilter/xt_layer7.h     1969-12-31 18:00:00.000000000 -0600
 +++ linux-2.6.28/include/linux/netfilter/xt_layer7.h   2009-01-07 16:07:31.000000000 -0600
 @@ -0,0 +1,13 @@
The Linux kernel (the core of the Linux operating system)
This page took 0.048749 seconds and 4 git commands to generate.