netfilter: nf_tables: use skb->protocol instead of assuming ethernet header

Otherwise we may end up with incorrect network and transport header for
other protocols.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
Pablo Neira Ayuso 2015-12-15 21:29:16 +01:00
parent 73796d8bf2
commit aa47e42c60

View File

@ -94,7 +94,7 @@ nft_do_chain_netdev(void *priv, struct sk_buff *skb,
{
struct nft_pktinfo pkt;
switch (eth_hdr(skb)->h_proto) {
switch (skb->protocol) {
case htons(ETH_P_IP):
nft_netdev_set_pktinfo_ipv4(&pkt, skb, state);
break;