evaluate: Fix incorrect checking the `base` variable in case of IPV6

Found by RASU JSC. Fixes: 2b29ea5f3c3e ("src: ct: add eval part to inject dependencies for ct saddr/daddr") Signed-off-by: Maks Mishin <maks.mishinFZ@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Maks Mishin <maks.mishinfz@gmail.com> 2024-05-15 23:25:03 +0300
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2024-06-03 20:17:49 +0200
commit: f6b579344eee17e5587b6a7fcc444fe997cd8cb6 (patch)
tree: 7deaed8ddbdd09edc3addc0f2e5f5f2e803920e3
parent: 3f3c70948f451127d06afb23e2221ed7e17eb977 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/src/evaluate.c b/src/evaluate.c
index 8ab0c9e2..227f5da8 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -1126,7 +1126,7 @@ static int ct_gen_nh_dependency(struct eval_ctx *ctx, struct expr *ct)
 		base = pctx->protocol[PROTO_BASE_NETWORK_HDR].desc;
 		if (base == &proto_ip)
 			ct->ct.nfproto = NFPROTO_IPV4;
-		else if (base == &proto_ip)
+		else if (base == &proto_ip6)
 			ct->ct.nfproto = NFPROTO_IPV6;
 
 		if (base)
author	Maks Mishin <maks.mishinfz@gmail.com>	2024-05-15 23:25:03 +0300
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2024-06-03 20:17:49 +0200
commit	f6b579344eee17e5587b6a7fcc444fe997cd8cb6 (patch)
tree	7deaed8ddbdd09edc3addc0f2e5f5f2e803920e3
parent	3f3c70948f451127d06afb23e2221ed7e17eb977 (diff)