summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLiping Zhang <liping.zhang@spreadtrum.com>2016-06-08 14:20:10 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2016-06-23 14:15:33 +0200
commit62131e5d735226074cba53095545d76b491e5003 (patch)
tree0f7183d2ccc0ab5f4f2968f4705327892bd11cb0
parentnetfilter: nf_tables: fix memory leak if expr init fails (diff)
downloadlinux-62131e5d735226074cba53095545d76b491e5003.tar.xz
linux-62131e5d735226074cba53095545d76b491e5003.zip
netfilter: nft_meta: set skb->nf_trace appropriately
When user add a nft rule to set nftrace to zero, for example: # nft add rule ip filter input nftrace set 0 We should set nf_trace to zero also. Signed-off-by: Liping Zhang <liping.zhang@spreadtrum.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-rw-r--r--net/netfilter/nft_meta.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/net/netfilter/nft_meta.c b/net/netfilter/nft_meta.c
index 16c50b0dd426..f4bad9dc15c4 100644
--- a/net/netfilter/nft_meta.c
+++ b/net/netfilter/nft_meta.c
@@ -227,7 +227,7 @@ void nft_meta_set_eval(const struct nft_expr *expr,
skb->pkt_type = value;
break;
case NFT_META_NFTRACE:
- skb->nf_trace = 1;
+ skb->nf_trace = !!value;
break;
default:
WARN_ON(1);