[NETFILTER]: xt_conntrack: fix IPv4 address comparison
Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
d61f89e941
commit
6556874dc3
@ -122,7 +122,7 @@ conntrack_addrcmp(const union nf_inet_addr *kaddr,
|
|||||||
const union nf_inet_addr *umask, unsigned int l3proto)
|
const union nf_inet_addr *umask, unsigned int l3proto)
|
||||||
{
|
{
|
||||||
if (l3proto == AF_INET)
|
if (l3proto == AF_INET)
|
||||||
return (kaddr->ip & umask->ip) == uaddr->ip;
|
return ((kaddr->ip ^ uaddr->ip) & umask->ip) == 0;
|
||||||
else if (l3proto == AF_INET6)
|
else if (l3proto == AF_INET6)
|
||||||
return ipv6_masked_addr_cmp(&kaddr->in6, &umask->in6,
|
return ipv6_masked_addr_cmp(&kaddr->in6, &umask->in6,
|
||||||
&uaddr->in6) == 0;
|
&uaddr->in6) == 0;
|
||||||
|
Loading…
Reference in New Issue
Block a user