[PATCH 11/12] libxt_conntrack: resolve erroneous rev-2 port range message

[Jan Engelhardt <jengelh@xxxxxxxxxx>]

  --ctorigdstport 13
ip6tables-restore v1.4.10: conntrack rev 2 does not support port ranges

Signed-off-by: Jan Engelhardt <jengelh@xxxxxxxxxx>
---
 extensions/libxt_conntrack.c |    8 ++++++++
 1 files changed, 8 insertions(+), 0 deletions(-)

diff --git a/extensions/libxt_conntrack.c b/extensions/libxt_conntrack.c
index 0262b01..ed0bd93 100644
--- a/extensions/libxt_conntrack.c
+++ b/extensions/libxt_conntrack.c
@@ -534,6 +534,10 @@ static void conntrack1_mt_parse(struct xt_option_call *cb)
 
 	memset(&up, 0, sizeof(up));
 	cinfo_transform(&up, info);
+	up.origsrc_port_high = up.origsrc_port;
+	up.origdst_port_high = up.origdst_port;
+	up.replsrc_port_high = up.replsrc_port;
+	up.repldst_port_high = up.repldst_port;
 	cb->data = &up;
 	conntrack_mt_parse(cb, 3);
 	if (up.origsrc_port != up.origsrc_port_high ||
@@ -556,6 +560,10 @@ static void conntrack2_mt_parse(struct xt_option_call *cb)
 
 	memset(&up, 0, sizeof(up));
 	memcpy(&up, info, sizeof(*info));
+	up.origsrc_port_high = up.origsrc_port;
+	up.origdst_port_high = up.origdst_port;
+	up.replsrc_port_high = up.replsrc_port;
+	up.repldst_port_high = up.repldst_port;
 	cb->data = &up;
 	conntrack_mt_parse(cb, 3);
 	if (up.origsrc_port != up.origsrc_port_high ||
-- 
1.7.1

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html