diff options
Diffstat (limited to 'net/ipv4')
| -rw-r--r-- | net/ipv4/netfilter/ip_nat_proto_icmp.c | 4 | ||||
| -rw-r--r-- | net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c | 8 | ||||
| -rw-r--r-- | net/ipv4/netfilter/nf_conntrack_proto_icmp.c | 2 |
3 files changed, 6 insertions, 8 deletions
diff --git a/net/ipv4/netfilter/ip_nat_proto_icmp.c b/net/ipv4/netfilter/ip_nat_proto_icmp.c index 75266fe3e0fa..fb716edd5bc6 100644 --- a/net/ipv4/netfilter/ip_nat_proto_icmp.c +++ b/net/ipv4/netfilter/ip_nat_proto_icmp.c | |||
| @@ -24,8 +24,8 @@ icmp_in_range(const struct ip_conntrack_tuple *tuple, | |||
| 24 | const union ip_conntrack_manip_proto *min, | 24 | const union ip_conntrack_manip_proto *min, |
| 25 | const union ip_conntrack_manip_proto *max) | 25 | const union ip_conntrack_manip_proto *max) |
| 26 | { | 26 | { |
| 27 | return (tuple->src.u.icmp.id >= min->icmp.id | 27 | return ntohs(tuple->src.u.icmp.id) >= ntohs(min->icmp.id) && |
| 28 | && tuple->src.u.icmp.id <= max->icmp.id); | 28 | ntohs(tuple->src.u.icmp.id) <= ntohs(max->icmp.id); |
| 29 | } | 29 | } |
| 30 | 30 | ||
| 31 | static int | 31 | static int |
diff --git a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c index f24e872d4b90..2b73e3edd94d 100644 --- a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c +++ b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c | |||
| @@ -41,7 +41,7 @@ | |||
| 41 | static int ipv4_pkt_to_tuple(const struct sk_buff *skb, unsigned int nhoff, | 41 | static int ipv4_pkt_to_tuple(const struct sk_buff *skb, unsigned int nhoff, |
| 42 | struct nf_conntrack_tuple *tuple) | 42 | struct nf_conntrack_tuple *tuple) |
| 43 | { | 43 | { |
| 44 | u_int32_t _addrs[2], *ap; | 44 | __be32 _addrs[2], *ap; |
| 45 | ap = skb_header_pointer(skb, nhoff + offsetof(struct iphdr, saddr), | 45 | ap = skb_header_pointer(skb, nhoff + offsetof(struct iphdr, saddr), |
| 46 | sizeof(u_int32_t) * 2, _addrs); | 46 | sizeof(u_int32_t) * 2, _addrs); |
| 47 | if (ap == NULL) | 47 | if (ap == NULL) |
| @@ -410,10 +410,8 @@ static int ipv4_nfattr_to_tuple(struct nfattr *tb[], | |||
| 410 | if (nfattr_bad_size(tb, CTA_IP_MAX, cta_min_ip)) | 410 | if (nfattr_bad_size(tb, CTA_IP_MAX, cta_min_ip)) |
| 411 | return -EINVAL; | 411 | return -EINVAL; |
| 412 | 412 | ||
| 413 | t->src.u3.ip = | 413 | t->src.u3.ip = *(__be32 *)NFA_DATA(tb[CTA_IP_V4_SRC-1]); |
| 414 | *(u_int32_t *)NFA_DATA(tb[CTA_IP_V4_SRC-1]); | 414 | t->dst.u3.ip = *(__be32 *)NFA_DATA(tb[CTA_IP_V4_DST-1]); |
| 415 | t->dst.u3.ip = | ||
| 416 | *(u_int32_t *)NFA_DATA(tb[CTA_IP_V4_DST-1]); | ||
| 417 | 415 | ||
| 418 | return 0; | 416 | return 0; |
| 419 | } | 417 | } |
diff --git a/net/ipv4/netfilter/nf_conntrack_proto_icmp.c b/net/ipv4/netfilter/nf_conntrack_proto_icmp.c index 46aa44abc078..d25002fb8176 100644 --- a/net/ipv4/netfilter/nf_conntrack_proto_icmp.c +++ b/net/ipv4/netfilter/nf_conntrack_proto_icmp.c | |||
| @@ -311,7 +311,7 @@ static int icmp_nfattr_to_tuple(struct nfattr *tb[], | |||
| 311 | tuple->dst.u.icmp.code = | 311 | tuple->dst.u.icmp.code = |
| 312 | *(u_int8_t *)NFA_DATA(tb[CTA_PROTO_ICMP_CODE-1]); | 312 | *(u_int8_t *)NFA_DATA(tb[CTA_PROTO_ICMP_CODE-1]); |
| 313 | tuple->src.u.icmp.id = | 313 | tuple->src.u.icmp.id = |
| 314 | *(u_int16_t *)NFA_DATA(tb[CTA_PROTO_ICMP_ID-1]); | 314 | *(__be16 *)NFA_DATA(tb[CTA_PROTO_ICMP_ID-1]); |
| 315 | 315 | ||
| 316 | if (tuple->dst.u.icmp.type >= sizeof(invmap) | 316 | if (tuple->dst.u.icmp.type >= sizeof(invmap) |
| 317 | || !invmap[tuple->dst.u.icmp.type]) | 317 | || !invmap[tuple->dst.u.icmp.type]) |