netfilter: ip6t_NPT: Fix prefix mangling

Make sure only the bits that are part of the prefix are mangled. Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: YOSHIFUJI Hideaki / 吉藤英明 <yoshfuji@linux-ipv6.org> 2013-01-26 03:38:44 -0500
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2013-02-07 12:40:26 -0500
commit: d4c38fa87d2b05be5daafb6a92b6ad15b66da8cb (patch)
tree: 54bcf1050741d90e313a85ec7186c8ca73f0f067
parent: f5271fff56c76e92fde122bcc02f102e99da5c8a (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/net/ipv6/netfilter/ip6t_NPT.c b/net/ipv6/netfilter/ip6t_NPT.c
index 68788c84aee7..87b759c11da5 100644
--- a/net/ipv6/netfilter/ip6t_NPT.c
+++ b/net/ipv6/netfilter/ip6t_NPT.c
@@ -51,7 +51,7 @@ static bool ip6t_npt_map_pfx(const struct ip6t_npt_tginfo *npt,
                idx = i / 32;
                addr->s6_addr32[idx] &= mask;
-                addr->s6_addr32[idx] |= npt->dst_pfx.in6.s6_addr32[idx];
+                addr->s6_addr32[idx] |= ~mask & npt->dst_pfx.in6.s6_addr32[idx];
        }
        if (pfx_len <= 48)
author	YOSHIFUJI Hideaki / 吉藤英明 <yoshfuji@linux-ipv6.org>	2013-01-26 03:38:44 -0500
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2013-02-07 12:40:26 -0500
commit	d4c38fa87d2b05be5daafb6a92b6ad15b66da8cb (patch)
tree	54bcf1050741d90e313a85ec7186c8ca73f0f067
parent	f5271fff56c76e92fde122bcc02f102e99da5c8a (diff)

diff --git a/net/ipv6/netfilter/ip6t_NPT.c b/net/ipv6/netfilter/ip6t_NPT.c index 68788c84aee7..87b759c11da5 100644 --- a/net/ipv6/netfilter/ip6t_NPT.c +++ b/net/ipv6/netfilter/ip6t_NPT.c
@@ -51,7 +51,7 @@ static bool ip6t_npt_map_pfx(const struct ip6t_npt_tginfo *npt,
51		51
52	idx = i / 32;	52	idx = i / 32;
53	addr->s6_addr32[idx] &= mask;	53	addr->s6_addr32[idx] &= mask;
54	addr->s6_addr32[idx] \|= npt->dst_pfx.in6.s6_addr32[idx];	54	addr->s6_addr32[idx] \|= ~mask & npt->dst_pfx.in6.s6_addr32[idx];
55	}	55	}
56		56
57	if (pfx_len <= 48)	57	if (pfx_len <= 48)