diff options
| author | Laura Garcia Liebana <nevola@gmail.com> | 2019-07-15 13:23:37 +0200 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2019-08-16 10:10:59 +0200 |
| commit | 4b3caa47345c29686f0a48940476d8a2435778c0 (patch) | |
| tree | b6570e79baad3e29c2684d41580fe5b81eadb7b0 | |
| parent | adc31faeb35004d1c6b51bc61345f5801feb1b56 (diff) | |
| download | linux-stable-4b3caa47345c29686f0a48940476d8a2435778c0.tar.gz linux-stable-4b3caa47345c29686f0a48940476d8a2435778c0.tar.bz2 linux-stable-4b3caa47345c29686f0a48940476d8a2435778c0.zip | |
netfilter: nft_hash: fix symhash with modulus one
[ Upstream commit 28b1d6ef53e3303b90ca8924bb78f31fa527cafb ]
The rule below doesn't work as the kernel raises -ERANGE.
nft add rule netdev nftlb lb01 ip daddr set \
symhash mod 1 map { 0 : 192.168.0.10 } fwd to "eth0"
This patch allows to use the symhash modulus with one
element, in the same way that the other types of hashes and
algorithms that uses the modulus parameter.
Signed-off-by: Laura Garcia Liebana <nevola@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
| -rw-r--r-- | net/netfilter/nft_hash.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/net/netfilter/nft_hash.c b/net/netfilter/nft_hash.c index fe93e731dc7f..b836d550b919 100644 --- a/net/netfilter/nft_hash.c +++ b/net/netfilter/nft_hash.c @@ -129,7 +129,7 @@ static int nft_symhash_init(const struct nft_ctx *ctx, priv->dreg = nft_parse_register(tb[NFTA_HASH_DREG]); priv->modulus = ntohl(nla_get_be32(tb[NFTA_HASH_MODULUS])); - if (priv->modulus <= 1) + if (priv->modulus < 1) return -ERANGE; if (priv->offset + priv->modulus - 1 < priv->offset) |