Skip to content

Commit

Permalink
[NETFILTER]: xt_conntrack: fix missing boolean clamping
Browse files Browse the repository at this point in the history 
Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
  • Loading branch information
Jan Engelhardt authored and David S. Miller committed Feb 27, 2008
1 parent 4e29e9e commit d61f89e
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion net/netfilter/xt_conntrack.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -231,7 +231,7 @@ conntrack_mt(const struct sk_buff *skb, const struct net_device *in,
if (test_bit(IPS_DST_NAT_BIT, &ct->status))
statebit |= XT_CONNTRACK_STATE_DNAT;
}
if ((info->state_mask & statebit) ^
if (!!(info->state_mask & statebit) ^
!(info->invert_flags & XT_CONNTRACK_STATE))
return false;
}
Expand Down

0 comments on commit d61f89e

Please sign in to comment.