fc350777c7
This race was triggered by a 'conntrack -F' command running in parallel to the insertion of a hash for a new connection. Losing this race led to a dead conntrack entry effectively blocking traffic for a particular connection until timeout or flushing the conntrack hashes again. Now the check for an already dying connection is done inside the lock. Signed-off-by: Joerg Marx <joerg.marx@secunet.com> Signed-off-by: Patrick McHardy <kaber@trash.net> |
||
|---|---|---|
| .. | ||
| ipv4 | ||
| ipv6 | ||
| nf_conntrack.h | ||
| nf_conntrack_acct.h | ||
| nf_conntrack_core.h | ||
| nf_conntrack_ecache.h | ||
| nf_conntrack_expect.h | ||
| nf_conntrack_extend.h | ||
| nf_conntrack_helper.h | ||
| nf_conntrack_l3proto.h | ||
| nf_conntrack_l4proto.h | ||
| nf_conntrack_tuple.h | ||
| nf_conntrack_zones.h | ||
| nf_log.h | ||
| nf_nat.h | ||
| nf_nat_core.h | ||
| nf_nat_helper.h | ||
| nf_nat_protocol.h | ||
| nf_nat_rule.h | ||
| nf_queue.h | ||
| nf_tproxy_core.h | ||
| nfnetlink_log.h | ||
| xt_rateest.h | ||