netfilter: conntrack: udp: fix seen-reply test

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

IPS_SEEN_REPLY_BIT is only useful for test_bit() api.

Fixes: 4883ec512c17 ("netfilter: conntrack: avoid reload of ct->status")
Reported-by: Roi Dayan <roid@nvidia.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Reviewed-by: Roi Dayan <roid@nvidia.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

authored by

Florian Westphal and committed by

Pablo Neira Ayuso 3 years ago 28af0f00 1fb7696a

+1 -1

1 changed file

expand all

net

netfilter

nf_conntrack_proto_udp.c

+1 -1

net/netfilter/nf_conntrack_proto_udp.c

··· 104 104 /* If we've seen traffic both ways, this is some kind of UDP 105 105 * stream. Set Assured. 106 106 */ 107 - if (status & IPS_SEEN_REPLY_BIT) { 107 + if (status & IPS_SEEN_REPLY) { 108 108 unsigned long extra = timeouts[UDP_CT_UNREPLIED]; 109 109 bool stream = false; 110 110