diff --git a/[refs] b/[refs]
index c3eae9dbc92b..00207913fe94 100644
--- a/[refs]
+++ b/[refs]
@@ -1,2 +1,2 @@
 ---
-refs/heads/master: 0a0755c9fe47dc9f8271935909c66096e43efbfe
+refs/heads/master: c49b9f295e513753e6d9bb4444ba502f1aa59b29
diff --git a/trunk/net/netfilter/xt_socket.c b/trunk/net/netfilter/xt_socket.c
index 02a8fed21082..1acc089be7e9 100644
--- a/trunk/net/netfilter/xt_socket.c
+++ b/trunk/net/netfilter/xt_socket.c
@@ -141,7 +141,7 @@ socket_mt(const struct sk_buff *skb, const struct xt_match_param *par)
 	sk = nf_tproxy_get_sock_v4(dev_net(skb->dev), protocol,
 				   saddr, daddr, sport, dport, par->in, false);
 	if (sk != NULL) {
-		bool wildcard = (inet_sk(sk)->rcv_saddr == 0);
+		bool wildcard = (sk->sk_state != TCP_TIME_WAIT && inet_sk(sk)->rcv_saddr == 0);
 
 		nf_tproxy_put_sock(sk);
 		if (wildcard)