[NETFILTER]: xt_conntrack: fix IPv4 address comparison
Signed-off-by: Jan Engelhardt <jengelh@xxxxxxxxxxxxxxx>
Signed-off-by: Patrick McHardy <kaber@xxxxxxxxx>
---
commit 54b4910d81a787d932d0a3237a8a15879f8eb8b8
tree c1551c39ec76a38a5ee9cb92af07e98ade545bbb
parent bcc67d744bd9df15cb4e2d590b30ddadebd5a867
author Jan Engelhardt <jengelh@xxxxxxxxxxxxxxx> Wed, 27 Feb 2008 13:23:57 +0100
committer Patrick McHardy <kaber@xxxxxxxxx> Wed, 27 Feb 2008 13:23:57 +0100
net/netfilter/xt_conntrack.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/net/netfilter/xt_conntrack.c b/net/netfilter/xt_conntrack.c
index dd192ac..0c50b28 100644
--- a/net/netfilter/xt_conntrack.c
+++ b/net/netfilter/xt_conntrack.c
@@ -122,7 +122,7 @@ conntrack_addrcmp(const union nf_inet_addr *kaddr,
const union nf_inet_addr *umask, unsigned int l3proto)
{
if (l3proto == AF_INET)
- return (kaddr->ip & umask->ip) == uaddr->ip;
+ return ((kaddr->ip ^ uaddr->ip) & umask->ip) == 0;
else if (l3proto == AF_INET6)
return ipv6_masked_addr_cmp(&kaddr->in6, &umask->in6,
&uaddr->in6) == 0;
-
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
