Commit b37392c5 authored by Rusty Russell's avatar Rusty Russell Committed by David S. Miller

[NETFILTER]: get_unique_tuple doesn't always return unique tuple.

get_unique_tuple doesn't check that the tuple is unique if it finds
a hash_by_src match.
parent 1ce50eb4
......@@ -421,7 +421,8 @@ get_unique_tuple(struct ip_conntrack_tuple *tuple,
*tuple = ((struct ip_conntrack_tuple)
{ *manip, orig_tuple->dst });
DEBUGP("get_unique_tuple: Found current src map\n");
return 1;
if (!ip_nat_used_tuple(tuple, conntrack))
return 1;
}
}
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment