aboutsummaryrefslogtreecommitdiffstats
path: root/net/netfilter/xt_connmark.c
diff options
context:
space:
mode:
Diffstat (limited to 'net/netfilter/xt_connmark.c')
-rw-r--r--net/netfilter/xt_connmark.c17
1 files changed, 17 insertions, 0 deletions
diff --git a/net/netfilter/xt_connmark.c b/net/netfilter/xt_connmark.c
index e810600345e3a..7b16f1ee16b4a 100644
--- a/net/netfilter/xt_connmark.c
+++ b/net/netfilter/xt_connmark.c
@@ -64,14 +64,30 @@ checkentry(const char *tablename,
printk(KERN_WARNING "connmark: only support 32bit mark\n");
return 0;
}
+#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
+ if (nf_ct_l3proto_try_module_get(match->family) < 0) {
+ printk(KERN_WARNING "can't load nf_conntrack support for "
+ "proto=%d\n", match->family);
+ return 0;
+ }
+#endif
return 1;
}
+static void
+destroy(const struct xt_match *match, void *matchinfo, unsigned int matchsize)
+{
+#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
+ nf_ct_l3proto_module_put(match->family);
+#endif
+}
+
static struct xt_match connmark_match = {
.name = "connmark",
.match = match,
.matchsize = sizeof(struct xt_connmark_info),
.checkentry = checkentry,
+ .destroy = destroy,
.family = AF_INET,
.me = THIS_MODULE
};
@@ -81,6 +97,7 @@ static struct xt_match connmark6_match = {
.match = match,
.matchsize = sizeof(struct xt_connmark_info),
.checkentry = checkentry,
+ .destroy = destroy,
.family = AF_INET6,
.me = THIS_MODULE
};
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-04-28 12:03:07 +0000