]> bbs.cooldavid.org Git - net-next-2.6.git/blobdiff - net/netfilter/xt_connlimit.c
git://bbs.cooldavid.org / net-next-2.6.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
netfilter: Use unsigned types for hooknum and pf vars
[net-next-2.6.git] / net / netfilter / xt_connlimit.c
diff --git a/net/netfilter/xt_connlimit.c b/net/netfilter/xt_connlimit.c
index 2e89a00df92cfe223f93158099cf53713ebcf449..1655e2cf25c455860f2509b8ecf782a549a5451e 100644 (file)
--- a/net/netfilter/xt_connlimit.c
+++ b/net/netfilter/xt_connlimit.c
@@ -73,7 +73,8 @@ connlimit_iphash6(const union nf_inet_addr *addr,
 static inline bool already_closed(const struct nf_conn *conn)
 {
        if (nf_ct_protonum(conn) == IPPROTO_TCP)
-               return conn->proto.tcp.state == TCP_CONNTRACK_TIME_WAIT;
+               return conn->proto.tcp.state == TCP_CONNTRACK_TIME_WAIT ||
+                      conn->proto.tcp.state == TCP_CONNTRACK_CLOSE;
        else
                return 0;
 }
@@ -81,7 +82,7 @@ static inline bool already_closed(const struct nf_conn *conn)
 static inline unsigned int
 same_source_net(const union nf_inet_addr *addr,
                const union nf_inet_addr *mask,
-               const union nf_inet_addr *u3, unsigned int family)
+               const union nf_inet_addr *u3, u_int8_t family)
 {
        if (family == AF_INET) {
                return (addr->ip & mask->ip) == (u3->ip & mask->ip);
Clone of davem's net-next-2.6 tree