[NETFILTER]: ctnetlink: set expected bit for related conntracks
This patch is a fix. It sets IPS_EXPECTED for related conntracks.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c
index 9be1826..7d23124 100644
--- a/net/netfilter/nf_conntrack_netlink.c
+++ b/net/netfilter/nf_conntrack_netlink.c
@@ -1024,8 +1024,10 @@
}
/* setup master conntrack: this is a confirmed expectation */
- if (master_ct)
+ if (master_ct) {
+ __set_bit(IPS_EXPECTED_BIT, &ct->status);
ct->master = master_ct;
+ }
add_timer(&ct->timeout);
nf_conntrack_hash_insert(ct);