[NETFILTER]: nf_conntrack_pptp: fix NAT setup of expected GRE connections
When an expected connection arrives, the NAT helper should be called to set up NAT similar to the master connection. The PPTP conntrack helper incorrectly checks whether the _expected_ connection has NAT setup before calling the NAT helper (which is never the case), instead of checkeing whether the _master_ connection is NATed. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
a46bf7d5a8
commit
7399072a73
1 changed files with 1 additions and 1 deletions
|
@ -113,7 +113,7 @@ static void pptp_expectfn(struct nf_conn *ct,
|
||||||
|
|
||||||
rcu_read_lock();
|
rcu_read_lock();
|
||||||
nf_nat_pptp_expectfn = rcu_dereference(nf_nat_pptp_hook_expectfn);
|
nf_nat_pptp_expectfn = rcu_dereference(nf_nat_pptp_hook_expectfn);
|
||||||
if (nf_nat_pptp_expectfn && ct->status & IPS_NAT_MASK)
|
if (nf_nat_pptp_expectfn && ct->master->status & IPS_NAT_MASK)
|
||||||
nf_nat_pptp_expectfn(ct, exp);
|
nf_nat_pptp_expectfn(ct, exp);
|
||||||
else {
|
else {
|
||||||
struct nf_conntrack_tuple inv_t;
|
struct nf_conntrack_tuple inv_t;
|
||||||
|
|
Loading…
Reference in a new issue