Google Git
Sign in
android-kvm / linux / 3e68db2f6422d711550a32cbc87abd97bb6efab3
commit3e68db2f6422d711550a32cbc87abd97bb6efab3[log] [tgz]
authorPablo Neira Ayuso <pablo@netfilter.org>Fri Aug 09 11:01:33 2019 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>Fri Aug 09 14:41:20 2019 +0200
tree78fcca8a248cf22ee4d0182f36eddce8ff9f919e
parent6a0a8d10a3661a036b55af695542a714c429ab7c [diff]
netfilter: nf_flow_table: conntrack picks up expired flows

Update conntrack entry to pick up expired flows, otherwise the conntrack
entry gets stuck with the internal offload timeout (one day). The TCP
state also needs to be adjusted to ESTABLISHED state and tracking is set
to liberal mode in order to give conntrack a chance to pick up the
expired flow.

Fixes: ac2a66665e23 ("netfilter: add generic flow table infrastructure")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
1 file changed
tree: 78fcca8a248cf22ee4d0182f36eddce8ff9f919e
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. LICENSES/
  14. mm/
  15. net/
  16. samples/
  17. scripts/
  18. security/
  19. sound/
  20. tools/
  21. usr/
  22. virt/
  23. .clang-format
  24. .cocciconfig
  25. .get_maintainer.ignore
  26. .gitattributes
  27. .gitignore
  28. .mailmap
  29. COPYING
  30. CREDITS
  31. Kbuild
  32. Kconfig
  33. MAINTAINERS
  34. Makefile
  35. README