commit c07bc1ffbdc14312b214b56fa39f4a4ab1406b8e

tjh.dev / kernel

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

[NETFILTER]: Fix return value confusion in PPTP NAT helper

ip_nat_mangle_tcp_packet doesn't return NF_* values but 0/1 for
failure/success.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>

authored by

Patrick McHardy and committed by

David S. Miller 20 years ago c07bc1ff 03b9feca

+13 -23

1 changed file

expand all

unified split

net

ipv4

netfilter

ip_nat_helper_pptp.c

+13 -23

net/ipv4/netfilter/ip_nat_helper_pptp.c

··· 299 299 u_int16_t msg, new_cid = 0, new_pcid; 300 300 unsigned int pcid_off, cid_off = 0; 301 301 302 - int ret = NF_ACCEPT, rv; 303 - 304 302 new_pcid = htons(nat_pptp_info->pns_call_id); 305 303 306 304 switch (msg = ntohs(ctlh->messageType)) { ··· 343 345 /* mangle packet */ 344 346 DEBUGP("altering peer call id from 0x%04x to 0x%04x\n", 345 347 ntohs(*(u_int16_t *)pptpReq + pcid_off), ntohs(new_pcid)); 346 - 347 - rv = ip_nat_mangle_tcp_packet(pskb, ct, ctinfo, 348 - pcid_off + sizeof(struct pptp_pkt_hdr) + 349 - sizeof(struct PptpControlHeader), 350 - sizeof(new_pcid), (char *)&new_pcid, 351 - sizeof(new_pcid)); 352 - if (rv != NF_ACCEPT) 353 - return rv; 348 + 349 + if (ip_nat_mangle_tcp_packet(pskb, ct, ctinfo, 350 + pcid_off + sizeof(struct pptp_pkt_hdr) + 351 + sizeof(struct PptpControlHeader), 352 + sizeof(new_pcid), (char *)&new_pcid, 353 + sizeof(new_pcid)) == 0) 354 + return NF_DROP; 354 355 355 356 if (new_cid) { 356 357 DEBUGP("altering call id from 0x%04x to 0x%04x\n", 357 358 ntohs(*(u_int16_t *)pptpReq + cid_off), ntohs(new_cid)); 358 - rv = ip_nat_mangle_tcp_packet(pskb, ct, ctinfo, 359 - cid_off + sizeof(struct pptp_pkt_hdr) + 360 - sizeof(struct PptpControlHeader), 361 - sizeof(new_cid), (char *)&new_cid, 362 - sizeof(new_cid)); 363 - if (rv != NF_ACCEPT) 364 - return rv; 359 + if (ip_nat_mangle_tcp_packet(pskb, ct, ctinfo, 360 + cid_off + sizeof(struct pptp_pkt_hdr) + 361 + sizeof(struct PptpControlHeader), 362 + sizeof(new_cid), (char *)&new_cid, 363 + sizeof(new_cid)) == 0) 364 + return NF_DROP; 365 365 } 366 - 367 - /* check for earlier return value of 'switch' above */ 368 - if (ret != NF_ACCEPT) 369 - return ret; 370 - 371 - /* great, at least we don't need to resize packets */ 372 366 return NF_ACCEPT; 373 367 } 374 368