patch-2.4.27 linux-2.4.27/net/ipv4/netfilter/ipt_MASQUERADE.c

Next file: linux-2.4.27/net/ipv4/netfilter/ipt_REJECT.c
Previous file: linux-2.4.27/net/ipv4/netfilter/ip_tables.c
Back to the patch index
Back to the overall index

Lines: 19
Date: 2004-08-07 16:26:06.992442846 -0700
Orig file: linux-2.4.26/net/ipv4/netfilter/ipt_MASQUERADE.c
Orig date: 2004-04-14 06:05:41.000000000 -0700


diff -urN linux-2.4.26/net/ipv4/netfilter/ipt_MASQUERADE.c linux-2.4.27/net/ipv4/netfilter/ipt_MASQUERADE.c
@@ -79,8 +79,8 @@
 		return NF_ACCEPT;
 
 	ct = ip_conntrack_get(*pskb, &ctinfo);
-	IP_NF_ASSERT(ct && (ctinfo == IP_CT_NEW
-				  || ctinfo == IP_CT_RELATED));
+	IP_NF_ASSERT(ct && (ctinfo == IP_CT_NEW || ctinfo == IP_CT_RELATED
+	                    || ctinfo == IP_CT_RELATED + IP_CT_IS_REPLY));
 
 	mr = targinfo;
 
@@ -102,6 +102,7 @@
                 if (net_ratelimit())
                         printk("MASQUERADE:"
                                " Route sent us somewhere else.\n");
+			ip_rt_put(rt);
 		return NF_DROP;
 	}

FUNET's LINUX-ADM group, linux-adm@nic.funet.fi

TCL-scripts by Sam Shen (who was at: slshen@lbl.gov)