pknock: preserve time/autoclose values for rules added in arbitrary order

Handle specific case when someone put a (master) --opensecret --closesecret rule after a --checkip rule with the same name. Signed-off-by: Jan Rafaj <jr+netfilter-devel@cedric.unob.cz>
2025-09-06 04:35:12 +02:00 · 2009-10-12 00:01:35 +02:00
parent b132101b63
commit af21c1d369
1 changed files with 6 additions and 0 deletions
--- a/extensions/pknock/xt_pknock.c
+++ b/extensions/pknock/xt_pknock.c
@@ -453,6 +453,12 @@ add_rule(struct xt_pknock_mtinfo *info)

 		if (rulecmp(info, rule)) {
 			++rule->ref_count;
+
+			if (info->option & XT_PKNOCK_OPENSECRET) {
+				rule->max_time       = info->max_time;
+				rule->autoclose_time = info->autoclose_time;
+			}
+
 			if (info->option & XT_PKNOCK_CHECKIP) {
 				pr_debug("add_rule() (AC)"
 					" rule found: %s - "