projects / linux-2.6-block.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 8225161) | patch
netfilter: xt_connlimit: honor conntrack zone if available
authorFlorian Westphal <fw@strlen.de>
Fri, 14 Nov 2014 12:21:48 +0000 (13:21 +0100)
committerPablo Neira Ayuso <pablo@netfilter.org>
Mon, 17 Nov 2014 11:44:20 +0000 (12:44 +0100)
commite59ea3df3fc290b91c52a250c19091c18b4e6d7e
tree20e3e6a02a4168c7af67285c96b369bdf31d1722tree | snapshot
parent8225161545a67bdb68cf86beafcdce1604720605commit | diff
netfilter: xt_connlimit: honor conntrack zone if available

Currently all the conntrack lookups are done using default zone.
In case the skb has a ct attached (e.g. template) we should use this zone
for lookups instead.  This makes connlimit work with connections assigned
to other zones.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/netfilter/xt_connlimit.c diff | blob | blame | history
Linux 6.x block layer and io_uring tree(s)