From: Sapan Bhatia <sapanb@cs.princeton.edu>
Date: Mon, 4 Aug 2008 20:45:58 +0000 (+0000)
Subject: An addendum to the change involving UDP-listing/RAW sockets. Not including this fix... 
X-Git-Tag: linux-2.6-22-23~2
X-Git-Url: http://git.onelab.eu/?p=linux-2.6.git;a=commitdiff_plain;h=ebfbc4f463f87f6852fdbb4752a84a0763b8732d

An addendum to the change involving UDP-listing/RAW sockets. Not including this fix will cause a box to OOM in a few days.
---

diff --git a/linux-2.6-522-iptables-connection-tagging.patch b/linux-2.6-522-iptables-connection-tagging.patch
index 80b105abd..151337943 100644
--- a/linux-2.6-522-iptables-connection-tagging.patch
+++ b/linux-2.6-522-iptables-connection-tagging.patch
@@ -110,7 +110,7 @@ diff -Nurb linux-2.6.22-521/net/netfilter/nf_conntrack_core.c linux-2.6.22-522/n
  
 diff -Nurb linux-2.6.22-521/net/netfilter/xt_MARK.c linux-2.6.22-522/net/netfilter/xt_MARK.c
 --- linux-2.6.22-521/net/netfilter/xt_MARK.c	2007-07-08 19:32:17.000000000 -0400
-+++ linux-2.6.22-522/net/netfilter/xt_MARK.c	2008-08-04 04:59:30.000000000 -0400
++++ linux-2.6.22-522/net/netfilter/xt_MARK.c	2008-08-04 16:44:16.000000000 -0400
 @@ -5,13 +5,19 @@
   * This program is free software; you can redistribute it and/or modify
   * it under the terms of the GNU General Public License version 2 as
@@ -270,7 +270,7 @@ diff -Nurb linux-2.6.22-521/net/netfilter/xt_MARK.c linux-2.6.22-522/net/netfilt
  
  	switch (markinfo->mode) {
  	case XT_MARK_SET:
-@@ -58,13 +180,117 @@
+@@ -58,13 +180,121 @@
  	case XT_MARK_OR:
  		mark = (*pskb)->mark | markinfo->mark;
  		break;
@@ -310,6 +310,10 @@ diff -Nurb linux-2.6.22-521/net/netfilter/xt_MARK.c linux-2.6.22-522/net/netfilt
 +                          if (sk && hooknum==NF_IP_LOCAL_IN) {
 +                                  mark=sk->sk_nid;
 +                          }
++
++						  if (sk) {
++								  sock_put(sk);
++						  }
 +                  }
 +                  else
 +                  if ((*pskb)->mark>0) /* The packet is marked, it's going out */
@@ -389,7 +393,7 @@ diff -Nurb linux-2.6.22-521/net/netfilter/xt_MARK.c linux-2.6.22-522/net/netfilt
  static int
  checkentry_v0(const char *tablename,
  	      const void *entry,
-@@ -92,7 +318,8 @@
+@@ -92,7 +322,8 @@
  
  	if (markinfo->mode != XT_MARK_SET
  	    && markinfo->mode != XT_MARK_AND