summaryrefslogtreecommitdiffstats
path: root/net/bridge
diff options
context:
space:
mode:
authorHenry Yen <henry.yen@mediatek.com>2019-01-14 10:59:43 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>2019-01-14 12:50:59 +0100
commit2314e879747e82896f51cce4488f6a00f3e1af7b (patch)
tree89704152d4ea1fcbdb38eed1702772f839129764 /net/bridge
parentnetfilter: nft_flow_offload: fix interaction with vrf slave device (diff)
downloadlinux-2314e879747e82896f51cce4488f6a00f3e1af7b.tar.xz
linux-2314e879747e82896f51cce4488f6a00f3e1af7b.zip
netfilter: nft_flow_offload: fix checking method of conntrack helper
This patch uses nfct_help() to detect whether an established connection needs conntrack helper instead of using test_bit(IPS_HELPER_BIT, &ct->status). The reason is that IPS_HELPER_BIT is only set when using explicit CT target. However, in the case that a device enables conntrack helper via command "echo 1 > /proc/sys/net/netfilter/nf_conntrack_helper", the status of IPS_HELPER_BIT will not present any change, and consequently it loses the checking ability in the context. Signed-off-by: Henry Yen <henry.yen@mediatek.com> Reviewed-by: Ryder Lee <ryder.lee@mediatek.com> Tested-by: John Crispin <john@phrozen.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/bridge')
0 files changed, 0 insertions, 0 deletions