--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
-@@ -1209,18 +1209,6 @@ static bool gc_worker_can_early_drop(con
+@@ -1206,18 +1206,6 @@ static bool gc_worker_can_early_drop(con
return false;
}
static void gc_worker(struct work_struct *work)
{
unsigned int min_interval = max(HZ / GC_MAX_BUCKETS_DIV, 1u);
-@@ -1257,10 +1245,8 @@ static void gc_worker(struct work_struct
+@@ -1254,10 +1242,8 @@ static void gc_worker(struct work_struct
tmp = nf_ct_tuplehash_to_ctrack(h);
scanned++;
nf_ct_gc_expired(tmp);
--- a/net/netfilter/nf_flow_table_core.c
+++ b/net/netfilter/nf_flow_table_core.c
-@@ -183,6 +183,24 @@ static const struct rhashtable_params nf
+@@ -184,6 +184,24 @@ static const struct rhashtable_params nf
.automatic_shrinking = true,
};
int flow_offload_add(struct nf_flowtable *flow_table, struct flow_offload *flow)
{
int err;
-@@ -203,6 +221,7 @@ int flow_offload_add(struct nf_flowtable
+@@ -204,6 +222,7 @@ int flow_offload_add(struct nf_flowtable
return err;
}
flow->timeout = (u32)jiffies;
return 0;
}
-@@ -301,9 +320,14 @@ static inline bool nf_flow_has_expired(c
- static void nf_flow_offload_gc_step(struct flow_offload *flow, void *data)
+@@ -308,10 +327,15 @@ static void nf_flow_offload_gc_step(stru
{
struct nf_flowtable *flow_table = data;
+ struct flow_offload_entry *e;
+ bool teardown;
+
+ teardown = flow->flags & (FLOW_OFFLOAD_DYING | FLOW_OFFLOAD_TEARDOWN);
+ if (!teardown)
+ nf_ct_offload_timeout(flow);
-- if (nf_flow_has_expired(flow) ||
+ e = container_of(flow, struct flow_offload_entry, flow);
+- if (nf_flow_has_expired(flow) || nf_ct_is_dying(e->ct) ||
- (flow->flags & (FLOW_OFFLOAD_DYING | FLOW_OFFLOAD_TEARDOWN)))
-+ if (nf_flow_has_expired(flow) || teardown)
++ if (nf_flow_has_expired(flow) || nf_ct_is_dying(e->ct) || teardown)
flow_offload_del(flow_table, flow);
}
projects / openwrt / staging / mkresin.git / blobdiff