summary refs log tree commit diff
diff options
context:
space:
mode:
authorPatrick McHardy <kaber@trash.net>2006-09-20 11:59:25 -0700
committerDavid S. Miller <davem@sunset.davemloft.net>2006-09-22 15:19:50 -0700
commit57dab5d0bfee21663ed20222b4cedeb0655ba1f3 (patch)
treeadb83bae14ed15f1dd196577c4ab1462325bc8df
parentecb70c95c45ece0935b076295388267f6d8db65c (diff)
downloadlinux-57dab5d0bfee21663ed20222b4cedeb0655ba1f3.tar.gz
[NETFILTER]: xt_limit: don't reset state on unrelated rule updates
The limit match reinitializes its state whenever the ruleset changes,
which means it will forget about previously used credits.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat
-rw-r--r--net/netfilter/xt_limit.c16
1 files changed, 8 insertions, 8 deletions
diff --git a/net/netfilter/xt_limit.c b/net/netfilter/xt_limit.c
index b9c9ff3a06ea..8bfcbdfa8783 100644
--- a/net/netfilter/xt_limit.c
+++ b/net/netfilter/xt_limit.c
@@ -122,16 +122,16 @@ ipt_limit_checkentry(const char *tablename,
 		return 0;
 	}
 
-	/* User avg in seconds * XT_LIMIT_SCALE: convert to jiffies *
-	   128. */
-	r->prev = jiffies;
-	r->credit = user2credits(r->avg * r->burst);	 /* Credits full. */
-	r->credit_cap = user2credits(r->avg * r->burst); /* Credits full. */
-	r->cost = user2credits(r->avg);
-
 	/* For SMP, we only want to use one set of counters. */
 	r->master = r;
-
+	if (r->cost == 0) {
+		/* User avg in seconds * XT_LIMIT_SCALE: convert to jiffies *
+		   128. */
+		r->prev = jiffies;
+		r->credit = user2credits(r->avg * r->burst);	 /* Credits full. */
+		r->credit_cap = user2credits(r->avg * r->burst); /* Credits full. */
+		r->cost = user2credits(r->avg);
+	}
 	return 1;
 }
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-09-27 02:17:52 +0000