From 8264f7e91bb196c100e6e13249ce770dab8e9e43 Mon Sep 17 00:00:00 2001
From: "/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org"
 </C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org>
Date: Wed, 18 Jul 2007 20:00:40 +0000
Subject: add layer 4 protocol comparison to nfct_compare()

---
 src/conntrack/compare.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'src/conntrack')

diff --git a/src/conntrack/compare.c b/src/conntrack/compare.c
index 0792a8a..a5c66e2 100644
--- a/src/conntrack/compare.c
+++ b/src/conntrack/compare.c
@@ -46,6 +46,18 @@ int __compare(const struct nf_conntrack *ct1,
 	    ct2->tuple[__DIR_REPL].l3protonum)
 		return 0;
 
+	if (test_bit(ATTR_ORIG_L4PROTO, ct1->set) &&
+	    test_bit(ATTR_ORIG_L4PROTO, ct2->set) &&
+	    ct1->tuple[__DIR_ORIG].protonum !=
+	    ct2->tuple[__DIR_ORIG].protonum)
+		return 0;
+
+	if (test_bit(ATTR_REPL_L4PROTO, ct1->set) &&
+	    test_bit(ATTR_REPL_L4PROTO, ct2->set) &&
+	    ct1->tuple[__DIR_REPL].protonum !=
+	    ct2->tuple[__DIR_REPL].protonum)
+		return 0;
+
 	if (test_bit(ATTR_ORIG_IPV4_SRC, ct1->set) &&
 	    test_bit(ATTR_ORIG_IPV4_SRC, ct2->set) &&
 	    ct1->tuple[__DIR_ORIG].src.v4 !=
-- 
cgit v1.2.3