diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-06-13 11:45:38 (GMT) |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-06-16 11:08:14 (GMT) |
commit | 915136065b7ca75af4cae06281e4dc43926edbfe (patch) | |
tree | a7ac3f16f90b58a14900846a80fa3d28ebc01eeb /net | |
parent | 6403d96254c7c44fdfa163248b1198c714c65f6a (diff) | |
download | linux-915136065b7ca75af4cae06281e4dc43926edbfe.tar.xz |
netfilter: nft_nat: don't dump port information if unset
Don't include port information attributes if they are unset.
Reported-by: Ana Rey <anarey@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net')
-rw-r--r-- | net/netfilter/nft_nat.c | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/net/netfilter/nft_nat.c b/net/netfilter/nft_nat.c index a0195d2..79ff58c 100644 --- a/net/netfilter/nft_nat.c +++ b/net/netfilter/nft_nat.c @@ -175,12 +175,14 @@ static int nft_nat_dump(struct sk_buff *skb, const struct nft_expr *expr) if (nla_put_be32(skb, NFTA_NAT_REG_ADDR_MAX, htonl(priv->sreg_addr_max))) goto nla_put_failure; - if (nla_put_be32(skb, - NFTA_NAT_REG_PROTO_MIN, htonl(priv->sreg_proto_min))) - goto nla_put_failure; - if (nla_put_be32(skb, - NFTA_NAT_REG_PROTO_MAX, htonl(priv->sreg_proto_max))) - goto nla_put_failure; + if (priv->sreg_proto_min) { + if (nla_put_be32(skb, NFTA_NAT_REG_PROTO_MIN, + htonl(priv->sreg_proto_min))) + goto nla_put_failure; + if (nla_put_be32(skb, NFTA_NAT_REG_PROTO_MAX, + htonl(priv->sreg_proto_max))) + goto nla_put_failure; + } return 0; nla_put_failure: |