From: Amos Kong <akong@xxxxxxxxxx>
According to IEEE 802.1Q, 4096 is not a valid vlan id, 4095 is reserved.
Signed-off-by: Amos Kong <akong@xxxxxxxxxx>
---
net/bridge/netfilter/ebt_vlan.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/net/bridge/netfilter/ebt_vlan.c b/net/bridge/netfilter/ebt_vlan.c
index eae67bf..5bdebc3 100644
--- a/net/bridge/netfilter/ebt_vlan.c
+++ b/net/bridge/netfilter/ebt_vlan.c
@@ -121,8 +121,8 @@ static int ebt_vlan_mt_check(const struct xt_mtchk_param *par)
* if_vlan.h: VLAN_N_VID 4096. */
if (GET_BITMASK(EBT_VLAN_ID)) {
if (!!info->id) { /* if id!=0 => check vid range */
- if (info->id > VLAN_N_VID) {
- pr_debug("id %d is out of range (1-4096)\n",
+ if (info->id >= VLAN_N_VID - 1) {
+ pr_debug("id %d is out of range (1-4094)\n",
info->id);
return -EINVAL;
}
--
1.7.11.7
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
