netfilter: nftables: add catch-all set element support

[linux-2.6-microblaze.git] / net / netfilter / nft_lookup.c

diff --git a/net/netfilter/nft_lookup.c b/net/netfilter/nft_lookup.c
index b0f558b..a479f8a 100644 (file)
--- a/net/netfilter/nft_lookup.c
+++ b/net/netfilter/nft_lookup.c
@@ -30,13 +30,17 @@ void nft_lookup_eval(const struct nft_expr *expr,
        const struct nft_lookup *priv = nft_expr_priv(expr);
        const struct nft_set *set = priv->set;
        const struct nft_set_ext *ext = NULL;
+       const struct net *net = nft_net(pkt);
        bool found;
 
-       found = set->ops->lookup(nft_net(pkt), set, &regs->data[priv->sreg],
-                                &ext) ^ priv->invert;
+       found = set->ops->lookup(net, set, &regs->data[priv->sreg], &ext) ^
+                                priv->invert;
        if (!found) {
-               regs->verdict.code = NFT_BREAK;
-               return;
+               ext = nft_set_catchall_lookup(net, set);
+               if (!ext) {
+                       regs->verdict.code = NFT_BREAK;
+                       return;
+               }
        }
 
        if (ext) {