From 860586df4f6b5f1db3def7f1268f286080267923 Mon Sep 17 00:00:00 2001 From: Mark Huang Date: Wed, 8 Sep 2004 17:45:22 +0000 Subject: [PATCH] - fix a pretty fundamental bug in how context IDs are associated with connections. In the loopback case, you need to associate each loopback connection with two contexts, the original sender's and the original receiver's (or, equivalently, the replying sender's, which is why you see !dir in the NF_IP_LOCAL_IN case). In the common case (sending from a local process to a remote machine), the code need only refer to the original sender's context ID. --- include/linux/netfilter_ipv4/ip_conntrack.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/linux/netfilter_ipv4/ip_conntrack.h b/include/linux/netfilter_ipv4/ip_conntrack.h index 1ba82b408..a325de54c 100644 --- a/include/linux/netfilter_ipv4/ip_conntrack.h +++ b/include/linux/netfilter_ipv4/ip_conntrack.h @@ -209,7 +209,7 @@ struct ip_conntrack #endif /* CONFIG_IP_NF_NAT_NEEDED */ /* VServer context id */ - xid_t xid; + xid_t xid[IP_CT_DIR_MAX]; }; -- 2.47.0