netfilter: nf_conntrack: Add a struct net parameter to l4_pkt_to_tuple

As gre does not have the srckey in the packet gre_pkt_to_tuple needs to perform a lookup in it's per network namespace tables. Pass in the proper network namespace to all pkt_to_tuple implementations to ensure gre (and any similar protocols) can get this right. Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Eric W. Biederman <ebiederm@xmission.com> 2015-09-18 14:33:04 -0500
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2015-09-18 22:00:04 +0200
commit: a31f1adc0948930fba9ab5a111ccd735a5d864c6 (patch)
tree: a1665b8a85df5c0a17cf8d6ed01f6fd9b5250a12 /net/netfilter/xt_connlimit.c
parent: a4ffe319ae72034e3f3332698a2fd83b6f063b18 (diff)
download: linux-a31f1adc0948930fba9ab5a111ccd735a5d864c6.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/net/netfilter/xt_connlimit.c b/net/netfilter/xt_connlimit.c
index 213db252e5bea2..99bbc829868d50 100644
--- a/net/netfilter/xt_connlimit.c
+++ b/net/netfilter/xt_connlimit.c
@@ -332,7 +332,7 @@ connlimit_mt(const struct sk_buff *skb, struct xt_action_param *par)
 		tuple_ptr = &ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple;
 		zone = nf_ct_zone(ct);
 	} else if (!nf_ct_get_tuplepr(skb, skb_network_offset(skb),
-				    par->family, &tuple)) {
+				      par->family, net, &tuple)) {
 		goto hotdrop;
 	}
author	Eric W. Biederman <ebiederm@xmission.com>	2015-09-18 14:33:04 -0500
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2015-09-18 22:00:04 +0200
commit	a31f1adc0948930fba9ab5a111ccd735a5d864c6 (patch)
tree	a1665b8a85df5c0a17cf8d6ed01f6fd9b5250a12 /net/netfilter/xt_connlimit.c
parent	a4ffe319ae72034e3f3332698a2fd83b6f063b18 (diff)
download	linux-a31f1adc0948930fba9ab5a111ccd735a5d864c6.tar.gz