diff options
author | Jan Engelhardt <jengelh@computergmbh.de> | 2008-02-27 12:09:05 -0800 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2008-02-27 12:09:05 -0800 |
commit | d61f89e9417e68caf9ca801606694c1c960ad179 (patch) | |
tree | 59b00d14ba3c22886af006e6631bd607746d76b0 | |
parent | 4e29e9ec7e0707d3925f5dcc29af0d3f04e49833 (diff) |
[NETFILTER]: xt_conntrack: fix missing boolean clamping
Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r-- | net/netfilter/xt_conntrack.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/net/netfilter/xt_conntrack.c b/net/netfilter/xt_conntrack.c index 85330856a29..dd192ac74b4 100644 --- a/net/netfilter/xt_conntrack.c +++ b/net/netfilter/xt_conntrack.c @@ -231,7 +231,7 @@ conntrack_mt(const struct sk_buff *skb, const struct net_device *in, if (test_bit(IPS_DST_NAT_BIT, &ct->status)) statebit |= XT_CONNTRACK_STATE_DNAT; } - if ((info->state_mask & statebit) ^ + if (!!(info->state_mask & statebit) ^ !(info->invert_flags & XT_CONNTRACK_STATE)) return false; } |