Re: 2.6.12: connection tracking broken?

From: Patrick McHardy
Date: Sun Jun 19 2005 - 21:47:51 EST

Next message: randy_dunlap: "Re: [PATCH] drivers/char/tipar.c: off by one array access"
Previous message: Dag Wieers: "Re: Block device layer freezing block device access ? (follow-up)"
In reply to: Herbert Xu: "Re: 2.6.12: connection tracking broken?"
Next in thread: Bart De Schuymer: "Re: 2.6.12: connection tracking broken?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 20 Jun 2005, Herbert Xu wrote:

Patrick McHardy <kaber@xxxxxxxxx> wrote:

The bridge-netfilter code defers calling of some NF_IP_* hooks to the
bridge layer, when the conntrack reference is already gone, so the entry

Why does it defer them at all? Shouldn't the fact that the device is
bridged be transparent to the IP layer?

I couldn't figure out the reason, it seems to have something to do
with setting up device pointers for iptables and ebtables. It looks
like the only way to fix this problem without keeping the conntrack
reference while packets are queued at the device is to avoid defering
the NF_IP_* hooks. Bart, can you explain why the hooks are defered
please?

Regards
Patrick
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: randy_dunlap: "Re: [PATCH] drivers/char/tipar.c: off by one array access"
Previous message: Dag Wieers: "Re: Block device layer freezing block device access ? (follow-up)"
In reply to: Herbert Xu: "Re: 2.6.12: connection tracking broken?"
Next in thread: Bart De Schuymer: "Re: 2.6.12: connection tracking broken?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]