[PATCH] vanilla 2.4.15 iptables/REDIRECT kernel oops

Rolf Fokkens (fokkensr@linux06.vertis.nl)
Wed, 28 Nov 2001 22:30:20 -0800


On Wednesday 28 November 2001 07:52, Stephan von Krawczynski wrote:
> The safe patch would look like this:
>
...
>
> Can you check out?
>
I took your patch, and added an obvious change to ip_output.c as well. It's
below. The patch seems to work fine on my PC, will try tomorrow on the server
that had the problems initially.

Still don't understand why skb->sk suddenly is NULL after nf_hook_slow. Maybe
the gurus finally pay attention to this (after all, there's a patch now!!)
and look into this.

Rolf

diff -ruN linux/include/net/ip.h.orig linux/include/net/ip.h
--- linux/include/net/ip.h.orig  Wed Nov 28 20:40:33 2001
+++ linux/include/net/ip.h       Wed Nov 28 20:47:20 2001
@@ -181,9 +181,9 @@
 static inline
 int ip_dont_fragment(struct sock *sk, struct dst_entry *dst)
 {
-        return (sk->protinfo.af_inet.pmtudisc == IP_PMTUDISC_DO ||
-                (sk->protinfo.af_inet.pmtudisc == IP_PMTUDISC_WANT &&
-                !(dst->mxlock&(1<<RTAX_MTU))));
+        return (sk && (sk->protinfo.af_inet.pmtudisc == IP_PMTUDISC_DO ||
+                     (sk->protinfo.af_inet.pmtudisc == IP_PMTUDISC_WANT &&
+                     !(dst->mxlock&(1<<RTAX_MTU)))));
 }
 
 extern void __ip_select_ident(struct iphdr *iph, struct dst_entry *dst);
diff -ruN linux/net/ipv4/ip_output.c.orig linux/net/ipv4/ip_output.c
--- linux/net/ipv4/ip_output.c.orig      Wed Nov 28 20:51:02 2001
+++ linux/net/ipv4/ip_output.c   Wed Nov 28 20:52:31 2001
@@ -315,7 +315,9 @@
         /* Add an IP checksum. */
         ip_send_check(iph);
 
-        skb->priority = sk->priority;
+        if (sk)
+                skb->priority = sk->priority;
+
         return skb->dst->output(skb);
 
 fragment:

> Can any ip-stack guru comment?
>
> Regards,
> Stephan
>
> PS: ip_select_ident looks clean in terms of sk==NULL, BTW.
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/