From 6fc6ffc272a18ffb50f78e2583975aff2dd9a3ca Mon Sep 17 00:00:00 2001
From: Pablo Neira <pablo@eurodev.net>
Date: Tue, 9 Aug 2005 20:02:55 -0700
Subject: [PATCH] --- yaml --- r: 6259 b: refs/heads/master c:
 88aa0429048d08c18f2772782588f953bbbd79be h: refs/heads/master i:   6257:
 53ce4785e780769f3b896f96f0d7798d488ec5c1   6255:
 8e1748fa928125f463118586f36fd77dda8ce0d3 v: v3

---
 [refs]                                          |  2 +-
 trunk/net/ipv4/netfilter/ip_conntrack_netlink.c | 13 +++++++------
 2 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/[refs] b/[refs]
index f4866a109f3b..c8803a34c7e8 100644
--- a/[refs]
+++ b/[refs]
@@ -1,2 +1,2 @@
 ---
-refs/heads/master: 94cd2b67641e7ddc2e6ed71d76e00116957423db
+refs/heads/master: 88aa0429048d08c18f2772782588f953bbbd79be
diff --git a/trunk/net/ipv4/netfilter/ip_conntrack_netlink.c b/trunk/net/ipv4/netfilter/ip_conntrack_netlink.c
index 36a046f22105..0ab2d7df6bc4 100644
--- a/trunk/net/ipv4/netfilter/ip_conntrack_netlink.c
+++ b/trunk/net/ipv4/netfilter/ip_conntrack_netlink.c
@@ -1052,13 +1052,14 @@ ctnetlink_new_conntrack(struct sock *ctnl, struct sk_buff *skb,
 		err = -ENOENT;
 		if (nlh->nlmsg_flags & NLM_F_CREATE)
 			err = ctnetlink_create_conntrack(cda, &otuple, &rtuple);
+		return err;
+	}
+	/* implicit 'else' */
+
+	/* we only allow nat config for new conntracks */
+	if (cda[CTA_NAT-1]) {
+		err = -EINVAL;
 		goto out_unlock;
-	} else {
-		/* we only allow nat config for new conntracks */
-		if (cda[CTA_NAT-1]) {
-			err = -EINVAL;
-			goto out_unlock;
-		}
 	}
 
 	/* We manipulate the conntrack inside the global conntrack table lock,