Commit 75063c92 authored by Eric Dumazet's avatar Eric Dumazet Committed by Pablo Neira Ayuso

netfilter: xt_socket: fix a typo in socket_mt_destroy()

Calling nf_defrag_ipv4_disable() instead of nf_defrag_ipv6_disable()
was probably not the intent.

I found this by code inspection, while chasing a possible issue in TPROXY.

Fixes: de8c1211 ("netfilter: disable defrag once its no longer needed")
Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
Reviewed-by: default avatarFlorian Westphal <fw@strlen.de>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent 7152303c
...@@ -221,7 +221,7 @@ static void socket_mt_destroy(const struct xt_mtdtor_param *par) ...@@ -221,7 +221,7 @@ static void socket_mt_destroy(const struct xt_mtdtor_param *par)
if (par->family == NFPROTO_IPV4) if (par->family == NFPROTO_IPV4)
nf_defrag_ipv4_disable(par->net); nf_defrag_ipv4_disable(par->net);
else if (par->family == NFPROTO_IPV6) else if (par->family == NFPROTO_IPV6)
nf_defrag_ipv4_disable(par->net); nf_defrag_ipv6_disable(par->net);
} }
static struct xt_match socket_mt_reg[] __read_mostly = { static struct xt_match socket_mt_reg[] __read_mostly = {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment