diff options
Diffstat (limited to 'iptables/nft-ipv4.c')
-rw-r--r-- | iptables/nft-ipv4.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/iptables/nft-ipv4.c b/iptables/nft-ipv4.c index 42167351..dcc4a8ed 100644 --- a/iptables/nft-ipv4.c +++ b/iptables/nft-ipv4.c @@ -207,10 +207,12 @@ static void nft_ipv4_parse_payload(struct nft_xt_ctx *ctx, cs->fw.ip.invflags |= IPT_INV_FRAG; break; case offsetof(struct iphdr, ttl): - nft_parse_hl(ctx, e, cs); + if (nft_parse_hl(ctx, e, cs) < 0) + ctx->errmsg = "invalid ttl field match"; break; default: DEBUGP("unknown payload offset %d\n", sreg->payload.offset); + ctx->errmsg = "unknown payload offset"; break; } } |