[NETFILTER]: NAT: optional source port randomization support

[deliverable/linux.git] / net / ipv4 / netfilter / ip_nat_rule.c

diff --git a/net/ipv4/netfilter/ip_nat_rule.c b/net/ipv4/netfilter/ip_nat_rule.c
index a176aa3031e0f37557d100975e6e9ba92f0df4f0..6ebaad36c06da0827beac9f8de850ade8269d232 100644 (file)
--- a/net/ipv4/netfilter/ip_nat_rule.c
+++ b/net/ipv4/netfilter/ip_nat_rule.c
@@ -193,6 +193,10 @@ static int ipt_dnat_checkentry(const char *tablename,
                printk("DNAT: multiple ranges no longer supported\n");
                return 0;
        }
+       if (mr->range[0].flags & IP_NAT_RANGE_PROTO_RANDOM) {
+               printk("DNAT: port randomization not supported\n");
+               return 0;
+       }
        return 1;
 }