diff options
| author | David S. Miller <davem@davemloft.net> | 2018-01-05 16:33:01 +0100 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2018-01-05 16:33:01 +0100 |
| commit | f737be8d61f251d2c1632f871ba824aa5a512384 (patch) | |
| tree | 7aea2c6a1184ef022303a725efafe406b8050006 /include | |
| parent | uapi/if_ether.h: prevent redefinition of struct ethhdr (diff) | |
| parent | netfilter: nf_tables: fix potential NULL-ptr deref in nf_tables_dump_obj_done() (diff) | |
| download | linux-f737be8d61f251d2c1632f871ba824aa5a512384.tar.xz linux-f737be8d61f251d2c1632f871ba824aa5a512384.zip | |
Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf
Pablo Neira Ayuso says:
====================
Netfilter fixes for net
The following patchset contains Netfilter fixes for your net tree,
they are:
1) Fix chain filtering when dumping rules via nf_tables_dump_rules().
2) Fix accidental change in NF_CT_STATE_UNTRACKED_BIT through uapi,
introduced when removing the untracked conntrack object, from
Florian Westphal.
3) Fix potential nul-dereference when releasing dump filter in
nf_tables_dump_obj_done(), patch from Hangbin Liu.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include')
| -rw-r--r-- | include/uapi/linux/netfilter/nf_conntrack_common.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/include/uapi/linux/netfilter/nf_conntrack_common.h b/include/uapi/linux/netfilter/nf_conntrack_common.h index 3fea7709a441..57ccfb32e87f 100644 --- a/include/uapi/linux/netfilter/nf_conntrack_common.h +++ b/include/uapi/linux/netfilter/nf_conntrack_common.h @@ -36,7 +36,7 @@ enum ip_conntrack_info { #define NF_CT_STATE_INVALID_BIT (1 << 0) #define NF_CT_STATE_BIT(ctinfo) (1 << ((ctinfo) % IP_CT_IS_REPLY + 1)) -#define NF_CT_STATE_UNTRACKED_BIT (1 << (IP_CT_UNTRACKED + 1)) +#define NF_CT_STATE_UNTRACKED_BIT (1 << 6) /* Bitset representing status of connection. */ enum ip_conntrack_status { |