projects / platform / kernel / linux-rpi.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: cdd73cc) | patch
netfilter: nft_osf: check for TCP packet before further processing
authorPablo Neira Ayuso <pablo@netfilter.org>
Thu, 10 Jun 2021 18:20:31 +0000 (20:20 +0200)
committerPablo Neira Ayuso <pablo@netfilter.org>
Wed, 16 Jun 2021 18:51:50 +0000 (20:51 +0200)
commit8f518d43f89ae00b9cf5460e10b91694944ca1a8
treec5eaf39218f5a65a61920c8d8ba3f45958945f2ftree | snapshot
parentcdd73cc545c0fb9b1a1f7b209f4f536e7990cff4commit | diff
netfilter: nft_osf: check for TCP packet before further processing

The osf expression only supports for TCP packets, add a upfront sanity
check to skip packet parsing if this is not a TCP packet.

Fixes: b96af92d6eaf ("netfilter: nf_tables: implement Passive OS fingerprint module in nft_osf")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Reported-by: kernel test robot <lkp@intel.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/netfilter/nft_osf.c diff | blob | history
Domain: System / Kernel;