[NETFILTER]: xt_conntrack: fix IPv4 address comparison

Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Jan Engelhardt 2008-02-27 12:20:41 -08:00 committed by David S. Miller
parent d61f89e941
commit 6556874dc3

View File

@ -122,7 +122,7 @@ conntrack_addrcmp(const union nf_inet_addr *kaddr,
const union nf_inet_addr *umask, unsigned int l3proto) const union nf_inet_addr *umask, unsigned int l3proto)
{ {
if (l3proto == AF_INET) if (l3proto == AF_INET)
return (kaddr->ip & umask->ip) == uaddr->ip; return ((kaddr->ip ^ uaddr->ip) & umask->ip) == 0;
else if (l3proto == AF_INET6) else if (l3proto == AF_INET6)
return ipv6_masked_addr_cmp(&kaddr->in6, &umask->in6, return ipv6_masked_addr_cmp(&kaddr->in6, &umask->in6,
&uaddr->in6) == 0; &uaddr->in6) == 0;