netfilter: xt_hashlimit: use proto_ports_offset() to support AH message

Signed-off-by: N Changli Gao <xiaosuo@gmail.com> Signed-off-by: N David S. Miller <davem@davemloft.net>

netfilter: xt_hashlimit: use proto_ports_offset() to support AH message
Signed-off-by: N Changli Gao <xiaosuo@gmail.com> Signed-off-by: N David S. Miller <davem@davemloft.net>
aca071c1 · Changli Gao · David S. Miller · 3d04ebb6 · aca071c1
隐藏空白更改
内联并排

Showing with 5 addition and 10 deletion

net/netfilter/xt_hashlimit.c net/netfilter/xt_hashlimit.c +5 -10

未找到文件。
--- a/net/netfilter/xt_hashlimit.c
+++ b/net/netfilter/xt_hashlimit.c
@@ -448,6 +448,7 @@ hashlimit_init_dst(const struct xt_hashlimit_htable *hinfo,
 {
 	__be16 _ports[2], *ports;
 	u8 nexthdr;
+	int poff;

 	memset(dst, 0, sizeof(*dst));

@@ -492,19 +493,13 @@ hashlimit_init_dst(const struct xt_hashlimit_htable *hinfo,
 		return 0;
 	}

-	switch (nexthdr) {
-	case IPPROTO_TCP:
-	case IPPROTO_UDP:
-	case IPPROTO_UDPLITE:
-	case IPPROTO_SCTP:
-	case IPPROTO_DCCP:
-		ports = skb_header_pointer(skb, protoff, sizeof(_ports),
+	poff = proto_ports_offset(nexthdr);
+	if (poff >= 0) {
+		ports = skb_header_pointer(skb, protoff + poff, sizeof(_ports),
 					   &_ports);
-		break;
-	default:
+	} else {
 		_ports[0] = _ports[1] = 0;
 		ports = _ports;
-		break;
 	}
 	if (!ports)
 		return -1;