1 From: Felix Fietkau <nbd@nbd.name>
2 Date: Thu, 14 Jun 2018 11:20:09 +0200
3 Subject: [PATCH] netfilter: nf_flow_table: fix up ct state of flows after
6 If a connection simply times out instead of being torn down, it is left
7 active with a long timeout. Fix this by calling flow_offload_fixup_ct_state
10 Signed-off-by: Felix Fietkau <nbd@nbd.name>
13 --- a/net/netfilter/nf_flow_table_core.c
14 +++ b/net/netfilter/nf_flow_table_core.c
15 @@ -268,6 +268,9 @@ static void flow_offload_del(struct nf_f
16 else if (flow->flags & FLOW_OFFLOAD_TEARDOWN)
17 flow_offload_fixup_ct_timeout(e->ct);
19 + if (!(flow->flags & FLOW_OFFLOAD_TEARDOWN))
20 + flow_offload_fixup_ct_state(e->ct);
22 flow_offload_free(flow);