summaryrefslogtreecommitdiffstats
path: root/kernel/net/netfilter
diff options
context:
space:
mode:
Diffstat (limited to 'kernel/net/netfilter')
-rw-r--r--kernel/net/netfilter/xt_set.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/kernel/net/netfilter/xt_set.c b/kernel/net/netfilter/xt_set.c
index a7ac913..f10c6de 100644
--- a/kernel/net/netfilter/xt_set.c
+++ b/kernel/net/netfilter/xt_set.c
@@ -510,7 +510,7 @@ set_target_v3_checkentry(const struct xt_tgchk_param *par)
}
if (((info->flags & IPSET_FLAG_MAP_SKBPRIO) |
(info->flags & IPSET_FLAG_MAP_SKBQUEUE)) &&
- !(par->hook_mask & (1 << NF_INET_FORWARD |
+ (par->hook_mask & ~(1 << NF_INET_FORWARD |
1 << NF_INET_LOCAL_OUT |
1 << NF_INET_POST_ROUTING))) {
pr_warn("mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains\n");