Documentation/memory.txt: remove some very outdated recommendations

[safe/jmp/linux-2.6] / net / ipv4 / netfilter / nf_nat_proto_common.c

diff --git a/net/ipv4/netfilter/nf_nat_proto_common.c b/net/ipv4/netfilter/nf_nat_proto_common.c
index 91537f1..6c4f11f 100644 (file)
--- a/net/ipv4/netfilter/nf_nat_proto_common.c
+++ b/net/ipv4/netfilter/nf_nat_proto_common.c
@@ -73,9 +73,13 @@ bool nf_nat_proto_unique_tuple(struct nf_conntrack_tuple *tuple,
                range_size = ntohs(range->max.all) - min + 1;
        }
 
-       off = *rover;
        if (range->flags & IP_NAT_RANGE_PROTO_RANDOM)
-               off = net_random();
+               off = secure_ipv4_port_ephemeral(tuple->src.u3.ip, tuple->dst.u3.ip,
+                                                maniptype == IP_NAT_MANIP_SRC
+                                                ? tuple->dst.u.all
+                                                : tuple->src.u.all);
+       else
+               off = *rover;
 
        for (i = 0; i < range_size; i++, off++) {
                *portptr = htons(min + off % range_size);