diff options
Diffstat (limited to 'net/ipv6')
| -rw-r--r-- | net/ipv6/netfilter/ip6t_REJECT.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/net/ipv6/netfilter/ip6t_REJECT.c b/net/ipv6/netfilter/ip6t_REJECT.c index 544b0a9da1b5..12331efd49cf 100644 --- a/net/ipv6/netfilter/ip6t_REJECT.c +++ b/net/ipv6/netfilter/ip6t_REJECT.c | |||
| @@ -83,7 +83,8 @@ static int reject_tg6_check(const struct xt_tgchk_param *par) | |||
| 83 | return -EINVAL; | 83 | return -EINVAL; |
| 84 | } else if (rejinfo->with == IP6T_TCP_RESET) { | 84 | } else if (rejinfo->with == IP6T_TCP_RESET) { |
| 85 | /* Must specify that it's a TCP packet */ | 85 | /* Must specify that it's a TCP packet */ |
| 86 | if (e->ipv6.proto != IPPROTO_TCP || | 86 | if (!(e->ipv6.flags & IP6T_F_PROTO) || |
| 87 | e->ipv6.proto != IPPROTO_TCP || | ||
| 87 | (e->ipv6.invflags & XT_INV_PROTO)) { | 88 | (e->ipv6.invflags & XT_INV_PROTO)) { |
| 88 | pr_info("TCP_RESET illegal for non-tcp\n"); | 89 | pr_info("TCP_RESET illegal for non-tcp\n"); |
| 89 | return -EINVAL; | 90 | return -EINVAL; |