1
linux/net/netfilter
Jan Engelhardt 67b4af2970 [NETFILTER]: fix forgotten module release in xt_CONNMARK and xt_CONNSECMARK
Fix forgotten module release in xt_CONNMARK and xt_CONNSECMARK

When xt_CONNMARK is used outside the mangle table and the user specified
"--restore-mark", the connmark_tg_check() function will (correctly)
error out, but (incorrectly) forgets to release the L3 conntrack module.
Same for xt_CONNSECMARK.

Fix is to move the call to acquire the L3 module after the basic
constraint checks.

Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
2007-12-01 00:01:50 +11:00
..
core.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
Kconfig Kbuild/doc: fix links to Documentation files 2007-10-30 14:26:30 -07:00
Makefile [NETFILTER]: Clean up Makefile 2007-11-07 04:08:22 -08:00
nf_conntrack_amanda.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
nf_conntrack_core.c [NETFILTER]: nf_ct_alloc_hashtable(): use __GFP_NOWARN 2007-10-29 22:37:31 -07:00
nf_conntrack_ecache.c [NETFILTER]: nf_conntrack_expect: function naming unification 2007-07-10 22:17:53 -07:00
nf_conntrack_expect.c [NETFILTER]: Make netfilter code use the seq_open_private 2007-10-10 16:55:34 -07:00
nf_conntrack_extend.c [NETFILTER]: Fix NULL pointer dereference in nf_nat_move_storage() 2007-11-15 15:52:32 -08:00
nf_conntrack_ftp.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
nf_conntrack_h323_asn1.c [NETFILTER]: nf_conntrack_h323: check range first in sequence extension 2007-07-10 22:16:54 -07:00
nf_conntrack_h323_main.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
nf_conntrack_h323_types.c [NETFILTER]: nf_conntrack_h323: fix ASN.1 types 2007-05-24 16:42:26 -07:00
nf_conntrack_helper.c netfilter endian regressions 2007-07-26 11:11:56 -07:00
nf_conntrack_irc.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
nf_conntrack_l3proto_generic.c [NETFILTER]: nf_conntrack: mark protocols __read_mostly 2007-07-14 20:48:19 -07:00
nf_conntrack_netbios_ns.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
nf_conntrack_netlink.c [NETFILTER]: nf_conntrack_netlink: add support to related connections 2007-10-10 16:53:37 -07:00
nf_conntrack_pptp.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
nf_conntrack_proto_generic.c sysctl: remove broken netfilter binary sysctls 2007-10-18 14:37:23 -07:00
nf_conntrack_proto_gre.c [NETFILTER]: ctnetlink: use netlink policy 2007-10-10 16:53:35 -07:00
nf_conntrack_proto_sctp.c sysctl: remove broken netfilter binary sysctls 2007-10-18 14:37:23 -07:00
nf_conntrack_proto_tcp.c Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2007-10-18 14:40:30 -07:00
nf_conntrack_proto_udp.c sysctl: remove broken netfilter binary sysctls 2007-10-18 14:37:23 -07:00
nf_conntrack_proto_udplite.c [NETFILTER]: ctnetlink: use netlink policy 2007-10-10 16:53:35 -07:00
nf_conntrack_proto.c
nf_conntrack_sane.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
nf_conntrack_sip.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
nf_conntrack_standalone.c [NETFILTER]: Make netfilter code use the seq_open_private 2007-10-10 16:55:34 -07:00
nf_conntrack_tftp.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
nf_internals.h [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
nf_log.c [NET] NETFILTER: Fix whitespace errors. 2007-07-19 10:44:21 +09:00
nf_queue.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
nf_sockopt.c [NETFILTER]: fix compat_nf_sockopt typo 2007-11-15 14:29:21 -08:00
nf_sysctl.c
nfnetlink_log.c [NETFILTER]: Make netfilter code use the seq_open_private 2007-10-10 16:55:34 -07:00
nfnetlink_queue.c [NETFILTER]: Avoid skb_copy/pskb_copy/skb_realloc_headroom 2007-10-15 12:26:28 -07:00
nfnetlink.c [NET]: make netlink user -> kernel interface synchronious 2007-10-10 21:15:29 -07:00
x_tables.c [NET]: Make /proc/net per network namespace 2007-10-10 16:49:06 -07:00
xt_CLASSIFY.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
xt_comment.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_connbytes.c remove asm/bitops.h includes 2007-10-19 11:53:41 -07:00
xt_connlimit.c [NETFILTER]: Copyright/Email update 2007-11-07 04:08:20 -08:00
xt_connmark.c Fix misspellings of "system", "controller", "interrupt" and "necessary". 2007-10-19 23:10:43 +02:00
xt_CONNMARK.c [NETFILTER]: fix forgotten module release in xt_CONNMARK and xt_CONNSECMARK 2007-12-01 00:01:50 +11:00
xt_CONNSECMARK.c [NETFILTER]: fix forgotten module release in xt_CONNMARK and xt_CONNSECMARK 2007-12-01 00:01:50 +11:00
xt_conntrack.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_dccp.c [NETFILTER]: x_tables: add missing ip6t_modulename aliases 2007-10-11 14:36:40 -07:00
xt_dscp.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_DSCP.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
xt_esp.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_hashlimit.c [NET]: Make /proc/net per network namespace 2007-10-10 16:49:06 -07:00
xt_helper.c [NETFILTER]: xt_helper: use RCU 2007-07-10 22:18:19 -07:00
xt_length.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_limit.c more UTF-8 conversions 2007-10-19 23:22:11 +02:00
xt_mac.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_mark.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_MARK.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
xt_multiport.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_NFLOG.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
xt_NFQUEUE.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
xt_NOTRACK.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
xt_physdev.c [NETFILTER]: Clean up duplicate includes in net/netfilter/ 2007-07-24 15:31:05 -07:00
xt_pkttype.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_policy.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_quota.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_realm.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_sctp.c [NETFILTER]: xt_sctp: fix mistake to pass a pointer where array is required 2007-10-18 05:12:21 -07:00
xt_SECMARK.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
xt_state.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_statistic.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_string.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_tcpmss.c [NETFILTER]: x_tables: add missing ip6t_modulename aliases 2007-10-11 14:36:40 -07:00
xt_TCPMSS.c [NETFILTER]: xt_TCPMSS: remove network triggerable WARN_ON 2007-11-30 23:58:03 +11:00
xt_tcpudp.c [NETFILTER]: xt_tcpudp: fix wrong struct in udp_checkentry 2007-08-30 22:36:43 -07:00
xt_time.c [NETFILTER]: xt_time should not assume CONFIG_KTIME_SCALAR 2007-11-13 03:49:53 -08:00
xt_TRACE.c [NETFILTER]: Replace sk_buff ** with sk_buff * 2007-10-15 12:26:29 -07:00
xt_u32.c [NETFILTER]: Copyright/Email update 2007-11-07 04:08:20 -08:00