diff options
author | Florian Westphal <fw@strlen.de> | 2017-01-23 18:21:55 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-02-02 14:31:52 +0100 |
commit | 97a6ad13decc16c5adbf181283932daba7e17faf (patch) | |
tree | 717cd3b83350f90f34578391e8137cc653110ff7 /include/net/ip_vs.h | |
parent | netfilter: reset netfilter state when duplicating packet (diff) | |
download | linux-97a6ad13decc16c5adbf181283932daba7e17faf.tar.xz linux-97a6ad13decc16c5adbf181283932daba7e17faf.zip |
netfilter: reduce direct skb->nfct usage
Next patch makes direct skb->nfct access illegal, reduce noise
in next patch by using accessors we already have.
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/net/ip_vs.h')
-rw-r--r-- | include/net/ip_vs.h | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index cd6018a9ee24..2a344ebd7ebe 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -1554,10 +1554,13 @@ static inline void ip_vs_notrack(struct sk_buff *skb) struct nf_conn *ct = nf_ct_get(skb, &ctinfo); if (!ct || !nf_ct_is_untracked(ct)) { - nf_conntrack_put(skb->nfct); - skb->nfct = &nf_ct_untracked_get()->ct_general; + struct nf_conn *untracked; + + nf_conntrack_put(&ct->ct_general); + untracked = nf_ct_untracked_get(); + nf_conntrack_get(&untracked->ct_general); + skb->nfct = &untracked->ct_general; skb->nfctinfo = IP_CT_NEW; - nf_conntrack_get(skb->nfct); } #endif } |