diff options
author | Patrick McHardy <kaber@trash.net> | 2007-05-24 16:41:50 -0700 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2007-05-24 16:41:50 -0700 |
commit | 25b86e05467a2bf936b78695ef49039e3bbd1e0c (patch) | |
tree | 756282cad7ea20d2df257633c799d0b6baceba46 /net/netfilter | |
parent | 5fe26f53fe9e2ba5dca2835a4ca69d0ba7b5f707 (diff) | |
download | kernel_samsung_espresso10-25b86e05467a2bf936b78695ef49039e3bbd1e0c.zip kernel_samsung_espresso10-25b86e05467a2bf936b78695ef49039e3bbd1e0c.tar.gz kernel_samsung_espresso10-25b86e05467a2bf936b78695ef49039e3bbd1e0c.tar.bz2 |
[NETFILTER]: nf_conntrack_ftp: fix newline sequence number calculation
When the packet size is changed by the FTP NAT helper, the connection
tracking helper adjusts the sequence number of the newline character
by the size difference. This is wrong because NAT sequence number
adjustment happens after helpers are called, so the unadjusted number
is compared to the already adjusted one.
Based on report by YU, Haitao <yuhaitao@tsinghua.org.cn>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/netfilter')
-rw-r--r-- | net/netfilter/nf_conntrack_ftp.c | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/net/netfilter/nf_conntrack_ftp.c b/net/netfilter/nf_conntrack_ftp.c index 4bb669c..82db2aa 100644 --- a/net/netfilter/nf_conntrack_ftp.c +++ b/net/netfilter/nf_conntrack_ftp.c @@ -48,8 +48,7 @@ unsigned int (*nf_nat_ftp_hook)(struct sk_buff **pskb, enum nf_ct_ftp_type type, unsigned int matchoff, unsigned int matchlen, - struct nf_conntrack_expect *exp, - u32 *seq); + struct nf_conntrack_expect *exp); EXPORT_SYMBOL_GPL(nf_nat_ftp_hook); #if 0 @@ -521,7 +520,7 @@ static int help(struct sk_buff **pskb, nf_nat_ftp = rcu_dereference(nf_nat_ftp_hook); if (nf_nat_ftp && ct->status & IPS_NAT_MASK) ret = nf_nat_ftp(pskb, ctinfo, search[dir][i].ftptype, - matchoff, matchlen, exp, &seq); + matchoff, matchlen, exp); else { /* Can't expect this? Best to drop packet now. */ if (nf_conntrack_expect_related(exp) != 0) |