netfilter: nat: fix src map lookup

[mirror_ubuntu-artful-kernel.git] / net / netfilter / nf_nat_core.c

diff --git a/net/netfilter/nf_nat_core.c b/net/netfilter/nf_nat_core.c
index 832c5a08d9a58f216f61008ebdb6636e2384f5e3..eb541786ccb7c79b3498477dfefc2927368f1a6f 100644 (file)
--- a/net/netfilter/nf_nat_core.c
+++ b/net/netfilter/nf_nat_core.c
@@ -222,20 +222,21 @@ find_appropriate_src(struct net *net,
                .tuple = tuple,
                .zone = zone
        };
-       struct rhlist_head *hl;
+       struct rhlist_head *hl, *h;
 
        hl = rhltable_lookup(&nf_nat_bysource_table, &key,
                             nf_nat_bysource_params);
-       if (!hl)
-               return 0;
 
-       ct = container_of(hl, typeof(*ct), nat_bysource);
+       rhl_for_each_entry_rcu(ct, h, hl, nat_bysource) {
+               nf_ct_invert_tuplepr(result,
+                                    &ct->tuplehash[IP_CT_DIR_REPLY].tuple);
+               result->dst = tuple->dst;
 
-       nf_ct_invert_tuplepr(result,
-                            &ct->tuplehash[IP_CT_DIR_REPLY].tuple);
-       result->dst = tuple->dst;
+               if (in_range(l3proto, l4proto, result, range))
+                       return 1;
+       }
 
-       return in_range(l3proto, l4proto, result, range);
+       return 0;
 }
 
 /* For [FUTURE] fragmentation handling, we want the least-used