Gao Feng <f...@ikuai8.com> wrote: > > [ 23.465616] ------------[ cut here ]------------ > > [ 23.466477] WARNING: CPU: 0 PID: 1225 at > > net/netfilter/nf_conntrack_seqadj.c:232 > > nf_ct_seq_offset+0x7a/0x9a > > [ 23.468458] Missing nfct_seqadj_ext_add() setup call > > > > It should be that nf_ct_add_synproxy failed and the seqadj extentision is > not added.
Note that nfct_synproxy_ext_add always returns NULL if CONFIG_NETFILTER_SYNPROXY=n The warning should also be removed. > When nf_ct_add_synproxy fails, the init_conntrack fails too and return > ERR_PTR(-ENOMEM). In this case, the packet should be dropped directly, and > should not be processed by the latter codes. This means the commit breaks conntrack if SYNPROXY=n
