]> err.no Git - linux-2.6/commitdiff
[NETFILTER]: nfctnetlink: Don't allow to change helper
authorYasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp>
Fri, 22 Jun 2007 21:10:22 +0000 (14:10 -0700)
committerDavid S. Miller <davem@davemloft.net>
Fri, 22 Jun 2007 21:10:22 +0000 (14:10 -0700)
There is no realistic situation to change helper (Who wants IRC helper to
track FTP traffic ?). Moreover, if we want to do that, we need to fix race
issue by nfctnetlink and running helper. That will add overhead to packet
processing. It wouldn't pay. So this rejects the request to change
helper. The requests to add or remove helper are accepted as ever.

Signed-off-by: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/netfilter/nf_conntrack_netlink.c

index 3f73327794ab40a7bb4ae05d0a8b3334458f9eea..d0fe3d7698287664c2e48d37dfe09a3541cebc96 100644 (file)
@@ -869,8 +869,7 @@ ctnetlink_change_helper(struct nf_conn *ct, struct nfattr *cda[])
                return 0;
 
        if (help->helper)
-               /* we had a helper before ... */
-               nf_ct_remove_expectations(ct);
+               return -EBUSY;
 
        /* need to zero data of old helper */
        memset(&help->help, 0, sizeof(help->help));