aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--include/linux/netfilter/nfnetlink_queue.h1
-rw-r--r--net/netfilter/nfnetlink_queue_core.c5
2 files changed, 6 insertions, 0 deletions
diff --git a/include/linux/netfilter/nfnetlink_queue.h b/include/linux/netfilter/nfnetlink_queue.h
index e0d8fd8d4d24..3b1c1360aedf 100644
--- a/include/linux/netfilter/nfnetlink_queue.h
+++ b/include/linux/netfilter/nfnetlink_queue.h
@@ -95,5 +95,6 @@ enum nfqnl_attr_config {
95/* Flags for NFQA_CFG_FLAGS */ 95/* Flags for NFQA_CFG_FLAGS */
96#define NFQA_CFG_F_FAIL_OPEN (1 << 0) 96#define NFQA_CFG_F_FAIL_OPEN (1 << 0)
97#define NFQA_CFG_F_CONNTRACK (1 << 1) 97#define NFQA_CFG_F_CONNTRACK (1 << 1)
98#define NFQA_CFG_F_MAX (1 << 2)
98 99
99#endif /* _NFNETLINK_QUEUE_H */ 100#endif /* _NFNETLINK_QUEUE_H */
diff --git a/net/netfilter/nfnetlink_queue_core.c b/net/netfilter/nfnetlink_queue_core.c
index a0b64920039d..c0496a55ad0c 100644
--- a/net/netfilter/nfnetlink_queue_core.c
+++ b/net/netfilter/nfnetlink_queue_core.c
@@ -910,6 +910,11 @@ nfqnl_recv_config(struct sock *ctnl, struct sk_buff *skb,
910 flags = ntohl(nla_get_be32(nfqa[NFQA_CFG_FLAGS])); 910 flags = ntohl(nla_get_be32(nfqa[NFQA_CFG_FLAGS]));
911 mask = ntohl(nla_get_be32(nfqa[NFQA_CFG_MASK])); 911 mask = ntohl(nla_get_be32(nfqa[NFQA_CFG_MASK]));
912 912
913 if (flags >= NFQA_CFG_F_MAX) {
914 ret = -EOPNOTSUPP;
915 goto err_out_unlock;
916 }
917
913 spin_lock_bh(&queue->lock); 918 spin_lock_bh(&queue->lock);
914 queue->flags &= ~mask; 919 queue->flags &= ~mask;
915 queue->flags |= flags & mask; 920 queue->flags |= flags & mask;
generated by cgit v1.2.2 (git 2.25.0) at 2025-02-24 04:11:40 -0500