aboutsummaryrefslogtreecommitdiff
path: root/net/netfilter/xt_CT.c
diff options
context:
space:
mode:
Diffstat (limited to 'net/netfilter/xt_CT.c')
-rw-r--r--net/netfilter/xt_CT.c8
1 files changed, 7 insertions, 1 deletions
diff --git a/net/netfilter/xt_CT.c b/net/netfilter/xt_CT.c
index 8183a054256f..61c50fa84703 100644
--- a/net/netfilter/xt_CT.c
+++ b/net/netfilter/xt_CT.c
@@ -16,6 +16,7 @@
#include <net/netfilter/nf_conntrack.h>
#include <net/netfilter/nf_conntrack_helper.h>
#include <net/netfilter/nf_conntrack_ecache.h>
+#include <net/netfilter/nf_conntrack_zones.h>
static unsigned int xt_ct_target(struct sk_buff *skb,
const struct xt_target_param *par)
@@ -69,11 +70,16 @@ static bool xt_ct_tg_check(const struct xt_tgchk_param *par)
goto out;
}
+#ifndef CONFIG_NF_CONNTRACK_ZONES
+ if (info->zone)
+ goto err1;
+#endif
+
if (nf_ct_l3proto_try_module_get(par->family) < 0)
goto err1;
memset(&t, 0, sizeof(t));
- ct = nf_conntrack_alloc(par->net, &t, &t, GFP_KERNEL);
+ ct = nf_conntrack_alloc(par->net, info->zone, &t, &t, GFP_KERNEL);
if (IS_ERR(ct))
goto err2;
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-18 13:26:45 +0000