search for: ip_conntrack_lock

...http://www.shorewall.net ICQ: #60745924 \ teastep@shorewall.net ---------- Forwarded message ---------- Date: Tue, 2 Jul 2002 18:02:05 +0200 From: Harald Welte <laforge@sunbeam.franken.de> To: Albrecht Melan <melan@isd.uni-stuttgart.de> Cc: netfilter-devel@lists.samba.org Subject: Re: ip_conntrack_lock not readlocked On Tue, Jul 02, 2002 at 04:11:37PM +0200, Albrecht Melan wrote: > Hi, > > I''m using a kernel of version 2.4.18 where module-support is disabled > together with iptables-1.2.6a ( all compiled by myself). > I applied patches to netfilter using POM. which p...

.../net/ipv4/netfilter/ip_conntrack_core.c.orig 2005-04-03 18:42:20.000000000 -0700 +++ linux-2.4.32/net/ipv4/netfilter/ip_conntrack_core.c 2006-07-24 13:23:25.000000000 -0700 @@ -777,6 +777,14 @@ /* look for tuple match */ h = ip_conntrack_find_get(&tuple, NULL); if (!h) { + READ_LOCK(&ip_conntrack_lock); + h = LIST_FIND(&unconfirmed, conntrack_tuple_cmp, + struct ip_conntrack_tuple_hash *, &tuple, NULL); + if (h) + atomic_inc(&h->ctrack->ct_general.use); + READ_UNLOCK(&ip_conntrack_lock); + } + if (!h) { h = init_conntrack(&tuple, proto, skb); if (!h)...

...ip_conntrack_core= =2Ec --- linux-2.4.20-base/net/ipv4/netfilter/ip_conntrack_core.c Tue Feb 18 17:= 08:21 2003 +++ linux-2.4.20-del/net/ipv4/netfilter/ip_conntrack_core.c Fri Feb 21 17:0= 1:39 2003 @@ -292,9 +292,6 @@ { DEBUGP("clean_from_lists(%p)\n", ct); MUST_BE_WRITE_LOCKED(&ip_conntrack_lock); - /* Remove from both hash lists: must not NULL out next ptrs, - otherwise we'll look unconfirmed. Fortunately, LIST_DELETE - doesn't do this. --RR */ LIST_DELETE(&ip_conntrack_hash [hash_conntrack(&ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple)],...

...;next =3D entry->prev =3D 0; > } > =20 > /** This change breaks an assumption made by the netfilter connection tracking code in linux/net/ipv4/netfilter/ip_conntrack_core.c: > static void > clean_from_lists(struct ip_conntrack *ct) > { > MUST_BE_WRITE_LOCKED(&ip_conntrack_lock); > /* Remove from both hash lists: must not NULL out next ptrs, > otherwise we'll look unconfirmed. Fortunately, LIST_DELETE > doesn't do this. --RR */ > LIST_DELETE(&ip_conntrack_hash > [hash_conntrack(&ct-&...