netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [NETFILTER]: xt_conntrack: fix IPv4 address comparison
@ 2008-02-21 15:10 Jan Engelhardt
  2008-02-21 15:12 ` Patrick McHardy
  0 siblings, 1 reply; 2+ messages in thread
From: Jan Engelhardt @ 2008-02-21 15:10 UTC (permalink / raw)
  To: kaber; +Cc: Netfilter Developer Mailing List

commit 58293ef3fa84c39093321a44ab11aa6cb7befbd8
Author: Jan Engelhardt <jengelh@computergmbh.de>
Date:   Thu Feb 21 15:41:05 2008 +0100

    [NETFILTER]: xt_conntrack: fix IPv4 address comparison
    
    Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>

diff --git a/net/netfilter/xt_conntrack.c b/net/netfilter/xt_conntrack.c
index dd192ac..0c50b28 100644
--- a/net/netfilter/xt_conntrack.c
+++ b/net/netfilter/xt_conntrack.c
@@ -122,7 +122,7 @@ conntrack_addrcmp(const union nf_inet_addr *kaddr,
                   const union nf_inet_addr *umask, unsigned int l3proto)
 {
 	if (l3proto == AF_INET)
-		return (kaddr->ip & umask->ip) == uaddr->ip;
+		return ((kaddr->ip ^ uaddr->ip) & umask->ip) == 0;
 	else if (l3proto == AF_INET6)
 		return ipv6_masked_addr_cmp(&kaddr->in6, &umask->in6,
 		       &uaddr->in6) == 0;


^ permalink raw reply related	[flat|nested] 2+ messages in thread
* Re: [NETFILTER]: xt_conntrack: fix IPv4 address comparison
  2008-02-21 15:10 [NETFILTER]: xt_conntrack: fix IPv4 address comparison Jan Engelhardt
@ 2008-02-21 15:12 ` Patrick McHardy
  0 siblings, 0 replies; 2+ messages in thread
From: Patrick McHardy @ 2008-02-21 15:12 UTC (permalink / raw)
  To: Jan Engelhardt; +Cc: Netfilter Developer Mailing List

Jan Engelhardt wrote:
> commit 58293ef3fa84c39093321a44ab11aa6cb7befbd8
> Author: Jan Engelhardt <jengelh@computergmbh.de>
> Date:   Thu Feb 21 15:41:05 2008 +0100
> 
>     [NETFILTER]: xt_conntrack: fix IPv4 address comparison


Applied, thanks. I'm beginning to wonder how much testing
you gave this though ...


^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2008-02-21 15:12 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2008-02-21 15:10 [NETFILTER]: xt_conntrack: fix IPv4 address comparison Jan Engelhardt
2008-02-21 15:12 ` Patrick McHardy

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).