Update: [PATCH 2.6] iptables MIRROR target fixes

From: Harald Welte (laforge@netfilter.org)
Date: Fri Jul 25 2003 - 15:52:42 EST

Hi again, Dave!

On Sat, Jul 19, 2003 at 04:26:48PM +0200, Harald Welte wrote:

> This is the first of my 2.6 merge of the recent bugfixes (all tested
> against 2.6.0-test1). You might need to apply them incrementally
> (didn't test it in a different order).

Unfortunately I introduced a typo during the merge (which in turn
introduced a new bug).

Please incrementially apply the following patch, thanks.

--- linux-2.6.0-test1-nftest5/net/ipv4/netfilter/ipt_MIRROR.c 2003-07-19 16:13:56.000000000 +0200
+++ linux-2.6.0-test1-nftest6/net/ipv4/netfilter/ipt_MIRROR.c 2003-07-19 17:35:23.000000000 +0200
@@ -173,7 +173,7 @@
         /* Don't let conntrack code see this packet:
          * it will think we are starting a new
          * connection! --RR */
- ip_direct_send(*pskb);
+ ip_direct_send(nskb);
 
         return NF_DROP;
 }

[now really off for OLS]. 

-- 
- Harald Welte <laforge@netfilter.org>             http://www.netfilter.org/
============================================================================
  "Fragmentation is like classful addressing -- an interesting early
   architectural error that shows how much experimentation was going
   on while IP was being designed."                    -- Paul Vixie
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/

This archive was generated by hypermail 2b29 : Thu Jul 31 2003 - 22:00:27 EST