commit | d9ec4f1ee280e5f8732e3c40ca672419b2532600 | [log] [tgz] |
---|---|---|
author | Florian Westphal <fw@strlen.de> | Fri Mar 07 14:37:10 2014 +0100 |
committer | Pablo Neira Ayuso <pablo@netfilter.org> | Wed Mar 12 13:55:01 2014 +0100 |
tree | a751b086f8c4e6acdb8d2e220ba76d351930ad79 | |
parent | 15cfd52895751e8f36b48b8ad33f1d68b59611e2 [diff] |
netfilter: connlimit: improve packet-to-closed-connection logic Instead of freeing the entry from our list and then adding it back again in the 'packet to closing connection' case just keep the matching entry around. Also drop the found_ct != NULL test as nf_ct_tuplehash_to_ctrack is just container_of(). Reviewed-by: Jesper Dangaard Brouer <brouer@redhat.com> Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>