mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-10-06 16:49:22 +00:00
net/sched: act_ct: Fix flow table lookup after ct clear or switching zones
commit2f131de361
upstream. Flow table lookup is skipped if packet either went through ct clear action (which set the IP_CT_UNTRACKED flag on the packet), or while switching zones and there is already a connection associated with the packet. This will result in no SW offload of the connection, and the and connection not being removed from flow table with TCP teardown (fin/rst packet). To fix the above, remove these unneccary checks in flow table lookup. Fixes:46475bb20f
("net/sched: act_ct: Software offload of established flows") Signed-off-by: Paul Blakey <paulb@nvidia.com> Acked-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
parent
bc8f768af3
commit
0fc1847359
1 changed files with 0 additions and 5 deletions
|
@ -514,11 +514,6 @@ static bool tcf_ct_flow_table_lookup(struct tcf_ct_params *p,
|
|||
struct nf_conn *ct;
|
||||
u8 dir;
|
||||
|
||||
/* Previously seen or loopback */
|
||||
ct = nf_ct_get(skb, &ctinfo);
|
||||
if ((ct && !nf_ct_is_template(ct)) || ctinfo == IP_CT_UNTRACKED)
|
||||
return false;
|
||||
|
||||
switch (family) {
|
||||
case NFPROTO_IPV4:
|
||||
if (!tcf_ct_flow_table_fill_tuple_ipv4(skb, &tuple, &tcph))
|
||||
|
|
Loading…
Reference in a new issue