As seen in the parsing code above, L4PROTO should be set to IPPROTO_TCP, not the port number itself. Co-Developed-by: Reinhard Nißl <reinhard.nissl@xxxxxx> Signed-off-by: Stephan Brunner <s.brunner@xxxxxxxxxxxxxxxxxxx> --- extensions/libct_proto_tcp.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/extensions/libct_proto_tcp.c b/extensions/libct_proto_tcp.c index 27f5833..4681693 100644 --- a/extensions/libct_proto_tcp.c +++ b/extensions/libct_proto_tcp.c @@ -165,13 +165,13 @@ static int parse_options(char c, case '8': port = htons(atoi(optarg)); nfct_set_attr_u16(exptuple, ATTR_ORIG_PORT_SRC, port); - nfct_set_attr_u8(exptuple, ATTR_ORIG_L4PROTO, port); + nfct_set_attr_u8(exptuple, ATTR_ORIG_L4PROTO, IPPROTO_TCP); *flags |= CT_TCP_EXPTUPLE_SPORT; break; case '9': port = htons(atoi(optarg)); nfct_set_attr_u16(exptuple, ATTR_ORIG_PORT_DST, port); - nfct_set_attr_u8(exptuple, ATTR_ORIG_L4PROTO, port); + nfct_set_attr_u8(exptuple, ATTR_ORIG_L4PROTO, IPPROTO_TCP); *flags |= CT_TCP_EXPTUPLE_DPORT; break; } -- 2.45.2
