From af21c1d369c6312be1fd31b48e1b02b7b15d08a5 Mon Sep 17 00:00:00 2001
From: Jan Rafaj <jr+netfilter-devel@cedric.unob.cz>
Date: Mon, 12 Oct 2009 00:01:35 +0200
Subject: [PATCH] pknock: preserve time/autoclose values for rules added in
 arbitrary order

Handle specific case when someone put a (master) --opensecret
--closesecret rule after a --checkip rule with the same name.

Signed-off-by: Jan Rafaj <jr+netfilter-devel@cedric.unob.cz>
---
 extensions/pknock/xt_pknock.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/extensions/pknock/xt_pknock.c b/extensions/pknock/xt_pknock.c
index 50789e5..9bfcdf4 100644
--- a/extensions/pknock/xt_pknock.c
+++ b/extensions/pknock/xt_pknock.c
@@ -453,6 +453,12 @@ add_rule(struct xt_pknock_mtinfo *info)
 
 		if (rulecmp(info, rule)) {
 			++rule->ref_count;
+
+			if (info->option & XT_PKNOCK_OPENSECRET) {
+				rule->max_time       = info->max_time;
+				rule->autoclose_time = info->autoclose_time;
+			}
+
 			if (info->option & XT_PKNOCK_CHECKIP) {
 				pr_debug("add_rule() (AC)"
 					" rule found: %s - "