netfilter: xt_TCPMSS: correct return value in tcpmss_mangle_packet

In commit b396966c4 (netfilter: xt_TCPMSS: Fix missing fragmentation handling),
I attempted to add safe fragment handling to xt_TCPMSS.  However, Andy Padavan
of Project N56U correctly points out that returning XT_CONTINUE in this
function does not work.  The callers (tcpmss_tg[46]) expect to receive a value
of 0 in order to return XT_CONTINUE.

Signed-off-by: Phil Oester <[email protected]>
Signed-off-by: Pablo Neira Ayuso <[email protected]>

diff --git a/net/netfilter/xt_TCPMSS.c b/net/netfilter/xt_TCPMSS.c
index 6113cc7efffcd782cee9d8c2e07ffc399f6e67c4..cd24290f3b2fdbff20088a0ffd2692fb6240a9ce 100644 (file)
--- a/net/netfilter/xt_TCPMSS.c
+++ b/net/netfilter/xt_TCPMSS.c
@@ -60,7 +60,7 @@ tcpmss_mangle_packet(struct sk_buff *skb,
 
        /* This is a fragment, no TCP header is available */
        if (par->fragoff != 0)
-               return XT_CONTINUE;
+               return 0;
 
        if (!skb_make_writable(skb, skb->len))
                return -1;