#include <linux/ip.h>
#include <linux/netfilter.h>
+#include <linux/export.h>
#include <net/secure_seq.h>
#include <net/netfilter/nf_nat.h>
#include <net/netfilter/nf_nat_core.h>
const struct nf_conn *ct,
u_int16_t *rover)
{
- unsigned int range_size, min, i;
+ unsigned int range_size, min, max, i;
__be16 *portptr;
u_int16_t off;
}
} else {
min = ntohs(range->min.all);
- range_size = ntohs(range->max.all) - min + 1;
+ max = ntohs(range->max.all);
+ if (unlikely(max < min))
+ swap(max, min);
+ range_size = max - min + 1;
}
if (range->flags & IP_NAT_RANGE_PROTO_RANDOM)