netfilter: nf_flow_table: set default timeout after successful insertion

Set up the default timeout for this new entry otherwise the garbage collector might quickly remove it right after the flowtable insertion. Fixes: ac2a666 ("netfilter: add generic flow table infrastructure") Signed-off-by: Pablo Neira Ayuso <[email protected]>
niw · Sep 3, 2019 · 110e487 · 110e487
1 parent b067fa0
commit 110e487
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/net/netfilter/nf_flow_table_core.c b/net/netfilter/nf_flow_table_core.c
@@ -217,7 +217,7 @@ int flow_offload_add(struct nf_flowtable *flow_table, struct flow_offload *flow)
 		return err;
 	}
 
-	flow->timeout = (u32)jiffies;
+	flow->timeout = (u32)jiffies + NF_FLOW_TIMEOUT;
 	return 0;
 }
 EXPORT_SYMBOL_GPL(flow_offload_add);