In message <[EMAIL PROTECTED]> you write:
> Date: Thu, 14 Dec 2000 15:35:48 -0500 (EST)
> From: "Mohammad A. Haque" <[EMAIL PROTECTED]>
>
> I'll be trying in a few hours.
>
> Meanwhile for people wanting the crashes to be fixed, please
> apply this patch.
>
> This was _always_ broken, and really what netfilter is doing
> should have never worked. The only theory I have right now
> is that people using netfilter never had IP fragments timeout.
> :-)
Ick, we've previously had issues with using the defrag routine from
PRE_ROUTING (Andi fixed the `called without bh disabled' problem). 8(
Good news is that it's all done from one place:
net/ipv4/ip_conntrack_core.c:910:ip_ct_gather_frags(struct sk_buff *skb)
You can fix it to obey the rules there, rather than hacking fragment
code.
Cheers,
Rusty.
--
Hacking time.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
Please read the FAQ at http://www.tux.org/lkml/
