[NETFILTER]: xt_limit: don't reset state on unrelated rule updates

The limit match reinitializes its state whenever the ruleset changes, which means it will forget about previously used credits. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Patrick McHardy <kaber@trash.net> 2006-09-20 11:59:25 -0700
committer: David S. Miller <davem@sunset.davemloft.net> 2006-09-22 15:19:50 -0700
commit: 57dab5d0bfee21663ed20222b4cedeb0655ba1f3 (patch)
tree: adb83bae14ed15f1dd196577c4ab1462325bc8df
parent: ecb70c95c45ece0935b076295388267f6d8db65c (diff)
1 files changed, 8 insertions, 8 deletions
diff --git a/net/netfilter/xt_limit.c b/net/netfilter/xt_limit.c
index b9c9ff3a06ea..8bfcbdfa8783 100644
--- a/net/netfilter/xt_limit.c
+++ b/net/netfilter/xt_limit.c
@@ -122,16 +122,16 @@ ipt_limit_checkentry(const char *tablename,
 		return 0;
 	}
 
-	/* User avg in seconds * XT_LIMIT_SCALE: convert to jiffies *
-	   128. */
-	r->prev = jiffies;
-	r->credit = user2credits(r->avg * r->burst);	 /* Credits full. */
-	r->credit_cap = user2credits(r->avg * r->burst); /* Credits full. */
-	r->cost = user2credits(r->avg);
-
 	/* For SMP, we only want to use one set of counters. */
 	r->master = r;
-
+	if (r->cost == 0) {
+		/* User avg in seconds * XT_LIMIT_SCALE: convert to jiffies *
+		   128. */
+		r->prev = jiffies;
+		r->credit = user2credits(r->avg * r->burst);	 /* Credits full. */
+		r->credit_cap = user2credits(r->avg * r->burst); /* Credits full. */
+		r->cost = user2credits(r->avg);
+	}
 	return 1;
 }
author	Patrick McHardy <kaber@trash.net>	2006-09-20 11:59:25 -0700
committer	David S. Miller <davem@sunset.davemloft.net>	2006-09-22 15:19:50 -0700
commit	57dab5d0bfee21663ed20222b4cedeb0655ba1f3 (patch)
tree	adb83bae14ed15f1dd196577c4ab1462325bc8df
parent	ecb70c95c45ece0935b076295388267f6d8db65c (diff)