diff options
-rw-r--r-- | net/netfilter/xt_hashlimit.c | 15 |
1 files changed, 5 insertions, 10 deletions
diff --git a/net/netfilter/xt_hashlimit.c b/net/netfilter/xt_hashlimit.c index b46a8390896d..9228ee0dc11a 100644 --- a/net/netfilter/xt_hashlimit.c +++ b/net/netfilter/xt_hashlimit.c | |||
@@ -448,6 +448,7 @@ hashlimit_init_dst(const struct xt_hashlimit_htable *hinfo, | |||
448 | { | 448 | { |
449 | __be16 _ports[2], *ports; | 449 | __be16 _ports[2], *ports; |
450 | u8 nexthdr; | 450 | u8 nexthdr; |
451 | int poff; | ||
451 | 452 | ||
452 | memset(dst, 0, sizeof(*dst)); | 453 | memset(dst, 0, sizeof(*dst)); |
453 | 454 | ||
@@ -492,19 +493,13 @@ hashlimit_init_dst(const struct xt_hashlimit_htable *hinfo, | |||
492 | return 0; | 493 | return 0; |
493 | } | 494 | } |
494 | 495 | ||
495 | switch (nexthdr) { | 496 | poff = proto_ports_offset(nexthdr); |
496 | case IPPROTO_TCP: | 497 | if (poff >= 0) { |
497 | case IPPROTO_UDP: | 498 | ports = skb_header_pointer(skb, protoff + poff, sizeof(_ports), |
498 | case IPPROTO_UDPLITE: | ||
499 | case IPPROTO_SCTP: | ||
500 | case IPPROTO_DCCP: | ||
501 | ports = skb_header_pointer(skb, protoff, sizeof(_ports), | ||
502 | &_ports); | 499 | &_ports); |
503 | break; | 500 | } else { |
504 | default: | ||
505 | _ports[0] = _ports[1] = 0; | 501 | _ports[0] = _ports[1] = 0; |
506 | ports = _ports; | 502 | ports = _ports; |
507 | break; | ||
508 | } | 503 | } |
509 | if (!ports) | 504 | if (!ports) |
510 | return -1; | 505 | return -1; |