anonfunc/xtables-addons
1
0
Fork 0
mirror of git://git.code.sf.net/p/xtables-addons/xtables-addons synced 2025-09-07 13:15:12 +02:00
Code Issues Releases Wiki Activity

DELUDE: update comment about reentrancy

Browse Source
This commit is contained in:
Jan Engelhardt
2013-03-20 14:22:04 +01:00
parent aceca54912
commit d96fff8893
1 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
extensions/xt_DELUDE.c
View File

@@ -140,9 +140,11 @@ static void delude_send_reset(struct sk_buff *oldskb, unsigned int hook)
static unsigned int static unsigned int
delude_tg(struct sk_buff **pskb, const struct xt_action_param *par) delude_tg(struct sk_buff **pskb, const struct xt_action_param *par)
{ {
/* WARNING: This code causes reentry within iptables. /*
This means that the iptables jump stack is now crap. We * Sending the reset causes reentrancy within iptables - and should not pose
must return an absolute verdict. --RR */ * a problem, as that is supported since Linux 2.6.35. But since we do not
* actually want to have a connection open, we are still going to drop it.
*/
delude_send_reset(*pskb, par->hooknum); delude_send_reset(*pskb, par->hooknum);
return NF_DROP; return NF_DROP;
} }