Jan Engelhardt wrote:
> On Jul 9 2007 16:30, Patrick McHardy wrote:
>
>>The module reference taking functions should not be
used in the
>>packet processing path. Please use
__nf_ct_l3proto_find and
>>__nf_ct_l4proto_find. Since the l3proto is static
for one
>>instance of the match you could also store it
info->data and
>>only do the lookup once (for then you need to take
the module
>>reference of course).
>
>
> Normally, the ct=NULL condition should not happen (so
often), so that I think
> just using the non-refcounted variant is fine.
It will happen *always* when used in the raw table, which is
the
most useful position for this match IMO. And you already
take
a l3 proto module reference anyways.
But I don't mind, this can also be changed afterwards. But I
get
rejects for some reason:
patching file include/linux/netfilter/xt_connlimit.h
patching file net/netfilter/Kconfig
Hunk #1 FAILED at 423.
1 out of 1 hunk FAILED -- saving rejects to file
net/netfilter/Kconfig.rej
patching file net/netfilter/Makefile
Hunk #1 FAILED at 53.
1 out of 1 hunk FAILED -- saving rejects to file
net/netfilter/Makefile.rej
patching file net/netfilter/xt_connlimit.c
Please rediff against net-2.6.23.
|
