diff options
| author | Simon Horman <horms@verge.net.au> | 2008-08-19 03:36:22 -0400 |
|---|---|---|
| committer | Simon Horman <horms@verge.net.au> | 2008-08-19 03:36:22 -0400 |
| commit | 3f087668c4e7c97289f0a67f9278ae6e0a765a80 (patch) | |
| tree | 6b278344bf96d31a328bf76e445b189bff5f0ce9 /net/ipv4 | |
| parent | 51df1901394a714d1a17202da02ae4957260eab5 (diff) | |
| parent | e5befbd9525d92bb074b70192eb2c69aae65fc60 (diff) | |
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6
Diffstat (limited to 'net/ipv4')
| -rw-r--r-- | net/ipv4/netfilter/ipt_addrtype.c | 2 | ||||
| -rw-r--r-- | net/ipv4/netfilter/nf_nat_proto_common.c | 8 |
2 files changed, 7 insertions, 3 deletions
diff --git a/net/ipv4/netfilter/ipt_addrtype.c b/net/ipv4/netfilter/ipt_addrtype.c index 49587a497229..462a22c97877 100644 --- a/net/ipv4/netfilter/ipt_addrtype.c +++ b/net/ipv4/netfilter/ipt_addrtype.c | |||
| @@ -70,7 +70,7 @@ addrtype_mt_v1(const struct sk_buff *skb, const struct net_device *in, | |||
| 70 | (info->flags & IPT_ADDRTYPE_INVERT_SOURCE); | 70 | (info->flags & IPT_ADDRTYPE_INVERT_SOURCE); |
| 71 | if (ret && info->dest) | 71 | if (ret && info->dest) |
| 72 | ret &= match_type(dev, iph->daddr, info->dest) ^ | 72 | ret &= match_type(dev, iph->daddr, info->dest) ^ |
| 73 | (info->flags & IPT_ADDRTYPE_INVERT_DEST); | 73 | !!(info->flags & IPT_ADDRTYPE_INVERT_DEST); |
| 74 | return ret; | 74 | return ret; |
| 75 | } | 75 | } |
| 76 | 76 | ||
diff --git a/net/ipv4/netfilter/nf_nat_proto_common.c b/net/ipv4/netfilter/nf_nat_proto_common.c index 91537f11273f..6c4f11f51446 100644 --- a/net/ipv4/netfilter/nf_nat_proto_common.c +++ b/net/ipv4/netfilter/nf_nat_proto_common.c | |||
| @@ -73,9 +73,13 @@ bool nf_nat_proto_unique_tuple(struct nf_conntrack_tuple *tuple, | |||
| 73 | range_size = ntohs(range->max.all) - min + 1; | 73 | range_size = ntohs(range->max.all) - min + 1; |
| 74 | } | 74 | } |
| 75 | 75 | ||
| 76 | off = *rover; | ||
| 77 | if (range->flags & IP_NAT_RANGE_PROTO_RANDOM) | 76 | if (range->flags & IP_NAT_RANGE_PROTO_RANDOM) |
| 78 | off = net_random(); | 77 | off = secure_ipv4_port_ephemeral(tuple->src.u3.ip, tuple->dst.u3.ip, |
| 78 | maniptype == IP_NAT_MANIP_SRC | ||
| 79 | ? tuple->dst.u.all | ||
| 80 | : tuple->src.u.all); | ||
| 81 | else | ||
| 82 | off = *rover; | ||
| 79 | 83 | ||
| 80 | for (i = 0; i < range_size; i++, off++) { | 84 | for (i = 0; i < range_size; i++, off++) { |
| 81 | *portptr = htons(min + off % range_size); | 85 | *portptr = htons(min + off % range_size); |