diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2020-04-24 22:55:34 +0300 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2020-06-22 10:05:14 +0300 |
| commit | fbcd580375fe0740850ef62fb2be250abe8b56de (patch) | |
| tree | 4b999ef9284455ff60679d349c4ca249c5ff0d8b /net/netfilter | |
| parent | 4fe5dcafc74d9729e5f11f2d418c394eadbe0035 (diff) | |
| download | linux-fbcd580375fe0740850ef62fb2be250abe8b56de.tar.xz | |
netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported
[ Upstream commit 0d7c83463fdf7841350f37960a7abadd3e650b41 ]
Instead of EINVAL which should be used for malformed netlink messages.
Fixes: eb31628e37a0 ("netfilter: nf_tables: Add support for IPv6 NAT")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Diffstat (limited to 'net/netfilter')
| -rw-r--r-- | net/netfilter/nft_nat.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/net/netfilter/nft_nat.c b/net/netfilter/nft_nat.c index c15807d10b91..3e82a7d0df2a 100644 --- a/net/netfilter/nft_nat.c +++ b/net/netfilter/nft_nat.c @@ -135,7 +135,7 @@ static int nft_nat_init(const struct nft_ctx *ctx, const struct nft_expr *expr, priv->type = NF_NAT_MANIP_DST; break; default: - return -EINVAL; + return -EOPNOTSUPP; } if (tb[NFTA_NAT_FAMILY] == NULL) @@ -202,7 +202,7 @@ static int nft_nat_init(const struct nft_ctx *ctx, const struct nft_expr *expr, if (tb[NFTA_NAT_FLAGS]) { priv->flags = ntohl(nla_get_be32(tb[NFTA_NAT_FLAGS])); if (priv->flags & ~NF_NAT_RANGE_MASK) - return -EINVAL; + return -EOPNOTSUPP; } return nf_ct_netns_get(ctx->net, family); |