summaryrefslogtreecommitdiffstats
path: root/extensions/libct_proto_tcp.c
diff options
context:
space:
mode:
author/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org>2005-11-03 20:47:17 +0000
committer/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org>2005-11-03 20:47:17 +0000
commita13351816d27350930e35ac6284fa4498f80d5e7 (patch)
tree0c241f631300da2619257862a4c18160f5e58b7d /extensions/libct_proto_tcp.c
parentba2a63e1b8e18e0d1f383af50d3d40c2eb785d3e (diff)
See ChangeLog
Diffstat (limited to 'extensions/libct_proto_tcp.c')
-rw-r--r--extensions/libct_proto_tcp.c8
1 files changed, 5 insertions, 3 deletions
diff --git a/extensions/libct_proto_tcp.c b/extensions/libct_proto_tcp.c
index 7c1e605..36ef6fc 100644
--- a/extensions/libct_proto_tcp.c
+++ b/extensions/libct_proto_tcp.c
@@ -139,6 +139,7 @@ int parse_options(char c, char *argv[],
}
int final_check(unsigned int flags,
+ unsigned int command,
struct nfct_tuple *orig,
struct nfct_tuple *reply)
{
@@ -159,10 +160,11 @@ int final_check(unsigned int flags,
&& ((flags & (REPL_SPORT|REPL_DPORT))))
ret = 1;
- if (ret && (flags & STATE))
- return 1;
+ /* --state is missing and we are trying to create a conntrack */
+ if (ret && (command & CT_CREATE) && (!(flags & STATE)))
+ ret = 0;
- return 0;
+ return ret;
}
static struct ctproto_handler tcp = {