diff options
| author | Benjamin Herrenschmidt <benh@kernel.crashing.org> | 2009-12-09 17:14:38 +1100 |
|---|---|---|
| committer | Benjamin Herrenschmidt <benh@kernel.crashing.org> | 2009-12-09 17:14:38 +1100 |
| commit | bcd6acd51f3d4d1ada201e9bc5c40a31d6d80c71 (patch) | |
| tree | 2f6dffd2d3e4dd67355a224de7e7a960335a92fd /net/netfilter/xt_socket.c | |
| parent | 11c34c7deaeeebcee342cbc35e1bb2a6711b2431 (diff) | |
| parent | 3ff6a468b45b5dfeb0e903e56f4eb27d34b2437c (diff) | |
Merge commit 'origin/master' into next
Conflicts:
include/linux/kvm.h
Diffstat (limited to 'net/netfilter/xt_socket.c')
| -rw-r--r-- | net/netfilter/xt_socket.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/net/netfilter/xt_socket.c b/net/netfilter/xt_socket.c index ebf00ad5b194..6a902564d24f 100644 --- a/net/netfilter/xt_socket.c +++ b/net/netfilter/xt_socket.c @@ -149,7 +149,7 @@ socket_match(const struct sk_buff *skb, const struct xt_match_param *par, /* Ignore sockets listening on INADDR_ANY */ wildcard = (sk->sk_state != TCP_TIME_WAIT && - inet_sk(sk)->rcv_saddr == 0); + inet_sk(sk)->inet_rcv_saddr == 0); /* Ignore non-transparent sockets, if XT_SOCKET_TRANSPARENT is used */ @@ -192,7 +192,8 @@ static struct xt_match socket_mt_reg[] __read_mostly = { .revision = 0, .family = NFPROTO_IPV4, .match = socket_mt_v0, - .hooks = 1 << NF_INET_PRE_ROUTING, + .hooks = (1 << NF_INET_PRE_ROUTING) | + (1 << NF_INET_LOCAL_IN), .me = THIS_MODULE, }, { @@ -201,7 +202,8 @@ static struct xt_match socket_mt_reg[] __read_mostly = { .family = NFPROTO_IPV4, .match = socket_mt_v1, .matchsize = sizeof(struct xt_socket_mtinfo1), - .hooks = 1 << NF_INET_PRE_ROUTING, + .hooks = (1 << NF_INET_PRE_ROUTING) | + (1 << NF_INET_LOCAL_IN), .me = THIS_MODULE, }, }; |