aboutsummaryrefslogtreecommitdiff
path: root/net
diff options
context:
space:
mode:
authorYOSHIFUJI Hideaki / 吉藤英明 <yoshfuji@linux-ipv6.org>2013-01-26 08:38:44 +0000
committerPablo Neira Ayuso <pablo@netfilter.org>2013-02-07 18:40:26 +0100
commitd4c38fa87d2b05be5daafb6a92b6ad15b66da8cb (patch)
tree54bcf1050741d90e313a85ec7186c8ca73f0f067 /net
parentf5271fff56c76e92fde122bcc02f102e99da5c8a (diff)
netfilter: ip6t_NPT: Fix prefix mangling
Make sure only the bits that are part of the prefix are mangled. Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net')
-rw-r--r--net/ipv6/netfilter/ip6t_NPT.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/net/ipv6/netfilter/ip6t_NPT.c b/net/ipv6/netfilter/ip6t_NPT.c
index 68788c84aee..87b759c11da 100644
--- a/net/ipv6/netfilter/ip6t_NPT.c
+++ b/net/ipv6/netfilter/ip6t_NPT.c
@@ -51,7 +51,7 @@ static bool ip6t_npt_map_pfx(const struct ip6t_npt_tginfo *npt,
idx = i / 32;
addr->s6_addr32[idx] &= mask;
- addr->s6_addr32[idx] |= npt->dst_pfx.in6.s6_addr32[idx];
+ addr->s6_addr32[idx] |= ~mask & npt->dst_pfx.in6.s6_addr32[idx];
}
if (pfx_len <= 48)