netfilter: ebtables: fix erroneous reject of last rule

[pandora-kernel.git] / net / bridge / netfilter / ebtables.c

diff --git a/net/bridge/netfilter/ebtables.c b/net/bridge/netfilter/ebtables.c
index 3a011b8..9cde6d3 100644 (file)
--- a/net/bridge/netfilter/ebtables.c
+++ b/net/bridge/netfilter/ebtables.c
@@ -2064,8 +2064,12 @@ static int size_entry_mwt(struct ebt_entry *entry, const unsigned char *base,
         * offsets are relative to beginning of struct ebt_entry (i.e., 0).
         */
        for (i = 0; i < 4 ; ++i) {
-               if (offsets[i] >= *total)
+               if (offsets[i] > *total)
                        return -EINVAL;
+
+               if (i < 3 && offsets[i] == *total)
+                       return -EINVAL;
+
                if (i == 0)
                        continue;
                if (offsets[i-1] > offsets[i])