netfilter: xt_connlimit: use hotdrop jump mark

author Richard Weinberger <richard@nod.at>

Tue, 18 Jan 2011 00:36:57 +0000 (01:36 +0100)

committer Jan Engelhardt <jengelh@medozas.de>

Tue, 18 Jan 2011 05:50:41 +0000 (06:50 +0100)
author Richard Weinberger <richard@nod.at>
Tue, 18 Jan 2011 00:36:57 +0000 (01:36 +0100)
committer Jan Engelhardt <jengelh@medozas.de>
Tue, 18 Jan 2011 05:50:41 +0000 (06:50 +0100)
diff --git a/net/netfilter/xt_connlimit.c b/net/netfilter/xt_connlimit.c

index 5c5b6b9..452bc16 100644 (file)
--- a/net/netfilter/xt_connlimit.c
+++ b/net/netfilter/xt_connlimit.c
@@ -204,11 +204,9 @@ connlimit_mt(const struct sk_buff *skb, struct xt_action_param *par)
                                  &info->mask, par->family);
         spin_unlock_bh(&info->data->lock);
  
-       if (connections < 0) {
+       if (connections < 0)
                 /* kmalloc failed, drop it entirely */
-               par->hotdrop = true;
-               return false;
-       }
+               goto hotdrop;
  
         return (connections > info->limit) ^ info->inverse;
author	Richard Weinberger <richard@nod.at>
	Tue, 18 Jan 2011 00:36:57 +0000 (01:36 +0100)
committer	Jan Engelhardt <jengelh@medozas.de>
	Tue, 18 Jan 2011 05:50:41 +0000 (06:50 +0100)