netfilter: xt_hashlimit: use proto_ports_offset() to support AH message
Signed-off-by: Changli Gao <xiaosuo@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
3d04ebb6ab
commit
aca071c1c1
1 changed files with 5 additions and 10 deletions
|
@ -448,6 +448,7 @@ hashlimit_init_dst(const struct xt_hashlimit_htable *hinfo,
|
|||
{
|
||||
__be16 _ports[2], *ports;
|
||||
u8 nexthdr;
|
||||
int poff;
|
||||
|
||||
memset(dst, 0, sizeof(*dst));
|
||||
|
||||
|
@ -492,19 +493,13 @@ hashlimit_init_dst(const struct xt_hashlimit_htable *hinfo,
|
|||
return 0;
|
||||
}
|
||||
|
||||
switch (nexthdr) {
|
||||
case IPPROTO_TCP:
|
||||
case IPPROTO_UDP:
|
||||
case IPPROTO_UDPLITE:
|
||||
case IPPROTO_SCTP:
|
||||
case IPPROTO_DCCP:
|
||||
ports = skb_header_pointer(skb, protoff, sizeof(_ports),
|
||||
poff = proto_ports_offset(nexthdr);
|
||||
if (poff >= 0) {
|
||||
ports = skb_header_pointer(skb, protoff + poff, sizeof(_ports),
|
||||
&_ports);
|
||||
break;
|
||||
default:
|
||||
} else {
|
||||
_ports[0] = _ports[1] = 0;
|
||||
ports = _ports;
|
||||
break;
|
||||
}
|
||||
if (!ports)
|
||||
return -1;
|
||||
|
|
Loading…
Reference in a new issue