Commit 80bb3a00 authored by David S. Miller's avatar David S. Miller
parents 9a127aad 8f599229
...@@ -59,6 +59,7 @@ ...@@ -59,6 +59,7 @@
enum nf_ip6_hook_priorities { enum nf_ip6_hook_priorities {
NF_IP6_PRI_FIRST = INT_MIN, NF_IP6_PRI_FIRST = INT_MIN,
NF_IP6_PRI_CONNTRACK_DEFRAG = -400, NF_IP6_PRI_CONNTRACK_DEFRAG = -400,
NF_IP6_PRI_RAW = -300,
NF_IP6_PRI_SELINUX_FIRST = -225, NF_IP6_PRI_SELINUX_FIRST = -225,
NF_IP6_PRI_CONNTRACK = -200, NF_IP6_PRI_CONNTRACK = -200,
NF_IP6_PRI_MANGLE = -150, NF_IP6_PRI_MANGLE = -150,
......
...@@ -13,7 +13,7 @@ static const struct xt_table packet_raw = { ...@@ -13,7 +13,7 @@ static const struct xt_table packet_raw = {
.valid_hooks = RAW_VALID_HOOKS, .valid_hooks = RAW_VALID_HOOKS,
.me = THIS_MODULE, .me = THIS_MODULE,
.af = NFPROTO_IPV6, .af = NFPROTO_IPV6,
.priority = NF_IP6_PRI_FIRST, .priority = NF_IP6_PRI_RAW,
}; };
/* The work comes in here from netfilter.c. */ /* The work comes in here from netfilter.c. */
......
...@@ -493,6 +493,7 @@ static void hashlimit_ipv6_mask(__be32 *i, unsigned int p) ...@@ -493,6 +493,7 @@ static void hashlimit_ipv6_mask(__be32 *i, unsigned int p)
case 64 ... 95: case 64 ... 95:
i[2] = maskl(i[2], p - 64); i[2] = maskl(i[2], p - 64);
i[3] = 0; i[3] = 0;
break;
case 96 ... 127: case 96 ... 127:
i[3] = maskl(i[3], p - 96); i[3] = maskl(i[3], p - 96);
break; break;
...@@ -879,6 +880,7 @@ static void dl_seq_stop(struct seq_file *s, void *v) ...@@ -879,6 +880,7 @@ static void dl_seq_stop(struct seq_file *s, void *v)
struct xt_hashlimit_htable *htable = s->private; struct xt_hashlimit_htable *htable = s->private;
unsigned int *bucket = (unsigned int *)v; unsigned int *bucket = (unsigned int *)v;
if (!IS_ERR(bucket))
kfree(bucket); kfree(bucket);
spin_unlock_bh(&htable->lock); spin_unlock_bh(&htable->lock);
} }
......
...@@ -267,7 +267,7 @@ recent_mt(const struct sk_buff *skb, const struct xt_match_param *par) ...@@ -267,7 +267,7 @@ recent_mt(const struct sk_buff *skb, const struct xt_match_param *par)
for (i = 0; i < e->nstamps; i++) { for (i = 0; i < e->nstamps; i++) {
if (info->seconds && time_after(time, e->stamps[i])) if (info->seconds && time_after(time, e->stamps[i]))
continue; continue;
if (info->hit_count && ++hits >= info->hit_count) { if (!info->hit_count || ++hits >= info->hit_count) {
ret = !ret; ret = !ret;
break; break;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment