Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-11-02 10:11:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

netfilter: xt_TPROXY: fix invflags check in tproxy_tg6_check()

Browse Source 
We have to check for IP6T_INV_PROTO in invflags, instead of flags.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Acked-by: Balazs Scheidler <bazsi@balabit.hu>
This commit is contained in:
Pablo Neira Ayuso 2015-03-20 13:56:06 +01:00
parent 4017a7ee69
commit 3d8c6dce53
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
net/netfilter/xt_TPROXY.c
View File

@ -513,8 +513,8 @@ static int tproxy_tg6_check(const struct xt_tgchk_param *par)
{ {
const struct ip6t_ip6 *i = par->entryinfo; const struct ip6t_ip6 *i = par->entryinfo;
if ((i->proto == IPPROTO_TCP || i->proto == IPPROTO_UDP) if ((i->proto == IPPROTO_TCP || i->proto == IPPROTO_UDP) &&
&& !(i->flags & IP6T_INV_PROTO)) !(i->invflags & IP6T_INV_PROTO))
return 0; return 0;
pr_info("Can be used only in combination with " pr_info("Can be used only in combination with "