This patch fixes the problem that the CONNMARK mask value has been set to 0 whenever the CONNMARK target options have not been the last options to be processed.

Signed-off-by: Peter Warasin <peter@xxxxxxxxxx>
---
Index: iptables/extensions/libxt_CONNMARK.c =================================================================== --- iptables.orig/extensions/libxt_CONNMARK.c 2008-01-06 03:08:18.000000000 +0100 +++ iptables/extensions/libxt_CONNMARK.c 2008-01-06 03:09:54.000000000 +0100 @@ -64,13 +64,12 @@ struct xt_connmark_target_info *markinfo = (struct xt_connmark_target_info *)(*target)->data; - markinfo->mask = 0xffffffffUL; - switch (c) { char *end; case '1': markinfo->mode = XT_CONNMARK_SET; + markinfo->mask = 0xffffffffUL; markinfo->mark = strtoul(optarg, &end, 0); if (*end == '/' && end[1] != '\0') markinfo->mask = strtoul(end+1, &end, 0);
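
Review bot: The default mask is now assigned only under case '1' (XT_CONNMARK_SET), so any other case in this switch that does not set markinfo->mask itself will keep whatever value the structure was initialised with, and the hunk shows no initialiser providing 0xffffffffUL. Suggest setting the default once in the target's init callback, or confirming that every other mode assigns the mask before it is used, rather than placing the default inside a single case. Separately, the commit message says the mask was being set to 0, while the removed line before switch (c) assigns 0xffffffffUL on every option parsed; the description should state which value was actually overwriting the user-supplied mask.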