mirror of
https://github.com/breeze303/nss-packages.git
synced 2025-12-16 16:57:29 +00:00
07350c9f03
Bump QCA NSS ECM to NHSS.QSDK.12.3.r2 tag.
Massive thanks to @AgustinLorenzo.
Reference:
8d73961018
46 lines
1.4 KiB
Diff
46 lines
1.4 KiB
Diff
diff --git a/ecm_conntrack_notifier.c b/ecm_conntrack_notifier.c
|
|
index 50e8566..cf8bd33 100644
|
|
--- a/ecm_conntrack_notifier.c
|
|
+++ b/ecm_conntrack_notifier.c
|
|
@@ -433,6 +433,26 @@ int ecm_conntrack_notifier_init(struct dentry *dentry)
|
|
#else
|
|
nf_conntrack_register_notifier(&init_net, &ecm_conntrack_notifier);
|
|
#endif
|
|
+
|
|
+ /*
|
|
+ * Hold netns reference to keep the basic conntrack alive and
|
|
+ * track conntrack even when firewall stopped.
|
|
+ */
|
|
+ result = nf_ct_netns_get(&init_net, NFPROTO_IPV4);
|
|
+ if (result < 0) {
|
|
+ DEBUG_ERROR("Can't hold ipv4 netns.\n");
|
|
+ debugfs_remove_recursive(ecm_conntrack_notifier_dentry);
|
|
+ return result;
|
|
+ }
|
|
+#ifdef ECM_IPV6_ENABLE
|
|
+ result = nf_ct_netns_get(&init_net, NFPROTO_IPV6);
|
|
+ if (result < 0) {
|
|
+ DEBUG_ERROR("Can't hold ipv6 netns.\n");
|
|
+ nf_ct_netns_put(&init_net, NFPROTO_IPV4);
|
|
+ debugfs_remove_recursive(ecm_conntrack_notifier_dentry);
|
|
+ return result;
|
|
+ }
|
|
+#endif
|
|
#endif
|
|
|
|
return 0;
|
|
@@ -446,6 +466,13 @@ void ecm_conntrack_notifier_exit(void)
|
|
{
|
|
DEBUG_INFO("ECM Conntrack Notifier exit\n");
|
|
#ifdef CONFIG_NF_CONNTRACK_EVENTS
|
|
+ /*
|
|
+ * Release netns reference.
|
|
+ */
|
|
+ nf_ct_netns_put(&init_net, NFPROTO_IPV4);
|
|
+#ifdef ECM_IPV6_ENABLE
|
|
+ nf_ct_netns_put(&init_net, NFPROTO_IPV6);
|
|
+#endif
|
|
#if (LINUX_VERSION_CODE < KERNEL_VERSION(5, 15, 0))
|
|
nf_conntrack_unregister_notifier(&init_net, &ecm_conntrack_notifier);
|
|
#else
|