tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

netfilter: nft_synproxy: unregister hooks on init error path

Disable the IPv4 hooks if the IPv6 hooks fail to be registered.

Fixes: ad49d86e07a4 ("netfilter: nf_tables: Add synproxy support")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

Pablo Neira Ayuso 2b4e5fb4 2e71ec1a

+3 -1
+3 -1
net/netfilter/nft_synproxy.c
··· 191 191 if (err) 192 192 goto nf_ct_failure; 193 193 err = nf_synproxy_ipv6_init(snet, ctx->net); 194 - if (err) 194 + if (err) { 195 + nf_synproxy_ipv4_fini(snet, ctx->net); 195 196 goto nf_ct_failure; 197 + } 196 198 break; 197 199 } 198 200