/spare/repo/netdev-2.6 branch 'ieee80211'

author: Jeff Garzik <jgarzik@pobox.com> 2005-09-01 18:02:27 -0400
committer: Jeff Garzik <jgarzik@pobox.com> 2005-09-01 18:02:27 -0400
commit: ceeec3dc375e3b0618f16b34efc56fe093918f8b (patch)
tree: 2293d02721ee05131aaf1c60e4fba7e281585eec /net/ipv4/netfilter/ipt_CONNMARK.c
parent: fbff868db3a4cc6a89d51da9a6d49b26c29d04fb (diff)
parent: e3ee3b78f83688a0ae4315e8be71b2eac559904a (diff)
1 files changed, 9 insertions, 6 deletions
diff --git a/net/ipv4/netfilter/ipt_CONNMARK.c b/net/ipv4/netfilter/ipt_CONNMARK.c
index 30ddd3e18eb..13463802133 100644
--- a/net/ipv4/netfilter/ipt_CONNMARK.c
+++ b/net/ipv4/netfilter/ipt_CONNMARK.c
@@ -40,9 +40,9 @@ target(struct sk_buff **pskb,
        void *userinfo)
 {
 	const struct ipt_connmark_target_info *markinfo = targinfo;
-	unsigned long diff;
-	unsigned long nfmark;
-	unsigned long newmark;
+	u_int32_t diff;
+	u_int32_t nfmark;
+	u_int32_t newmark;
 
 	enum ip_conntrack_info ctinfo;
 	struct ip_conntrack *ct = ip_conntrack_get((*pskb), &ctinfo);
@@ -61,10 +61,8 @@ target(struct sk_buff **pskb,
 	    case IPT_CONNMARK_RESTORE:
 		nfmark = (*pskb)->nfmark;
 		diff = (ct->mark ^ nfmark) & markinfo->mask;
-		if (diff != 0) {
+		if (diff != 0)
 		    (*pskb)->nfmark = nfmark ^ diff;
-		    (*pskb)->nfcache |= NFC_ALTERED;
-		}
 		break;
 	    }
 	}
@@ -94,6 +92,11 @@ checkentry(const char *tablename,
 	    }
 	}
 
+	if (matchinfo->mark > 0xffffffff || matchinfo->mask > 0xffffffff) {
+		printk(KERN_WARNING "CONNMARK: Only supports 32bit mark\n");
+		return 0;
+	}
+
 	return 1;
 }
author	Jeff Garzik <jgarzik@pobox.com>	2005-09-01 18:02:27 -0400
committer	Jeff Garzik <jgarzik@pobox.com>	2005-09-01 18:02:27 -0400
commit	ceeec3dc375e3b0618f16b34efc56fe093918f8b (patch)
tree	2293d02721ee05131aaf1c60e4fba7e281585eec /net/ipv4/netfilter/ipt_CONNMARK.c
parent	fbff868db3a4cc6a89d51da9a6d49b26c29d04fb (diff)
parent	e3ee3b78f83688a0ae4315e8be71b2eac559904a (diff)