netfilter: conntrack: udp: fix seen-reply test

IPS_SEEN_REPLY_BIT is only useful for test_bit() api.

Fixes: 4883ec512c ("netfilter: conntrack: avoid reload of ct->status")
Reported-by: Roi Dayan <roid@nvidia.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Reviewed-by: Roi Dayan <roid@nvidia.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
Florian Westphal 2023-01-23 13:04:33 +01:00 committed by Pablo Neira Ayuso
parent 1fb7696ac6
commit 28af0f009d

View File

@ -104,7 +104,7 @@ int nf_conntrack_udp_packet(struct nf_conn *ct,
/* If we've seen traffic both ways, this is some kind of UDP
* stream. Set Assured.
*/
if (status & IPS_SEEN_REPLY_BIT) {
if (status & IPS_SEEN_REPLY) {
unsigned long extra = timeouts[UDP_CT_UNREPLIED];
bool stream = false;