From 1d81c326a1e0e974a78d0338003ea3cd188dc3f4 Mon Sep 17 00:00:00 2001
From: Chion Tang <sdspeedonion@gmail.com>
Date: Sat, 28 Apr 2018 07:13:27 +0100
Subject: fix: conntrack rcu reference leak

---
 xt_FULLCONENAT.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/xt_FULLCONENAT.c b/xt_FULLCONENAT.c
index 00ec5d6..cf6f8aa 100644
--- a/xt_FULLCONENAT.c
+++ b/xt_FULLCONENAT.c
@@ -197,6 +197,7 @@ static int check_mapping(struct nat_mapping* mapping, struct net *net, const str
   struct list_head *iter, *tmp;
   struct nat_mapping_original_tuple *original_tuple_item;
   struct nf_conntrack_tuple_hash *tuple_hash;
+  struct nf_conn *ct;
 
   if (mapping == NULL) {
     return 0;
@@ -223,6 +224,10 @@ static int check_mapping(struct nat_mapping* mapping, struct net *net, const str
       list_del(&original_tuple_item->node);
       kfree(original_tuple_item);
       (mapping->refer_count)--;
+    } else {
+      ct = nf_ct_tuplehash_to_ctrack(tuple_hash);
+      if (ct != NULL)
+        nf_ct_put(ct);
     }
   }
 
-- 
cgit v1.2.3