In libxt_cluster.c, we use:
info->flags |= (1 << XT_CLUSTER_F_INV);
but we should use instead:
info->flags |= XT_CLUSTER_F_INV;
since the definition of XT_CLUSTER_F_INV is:
enum xt_cluster_flags {
XT_CLUSTER_F_INV = (1 << 0)
};
This fixes the inversion in the cluster match.
Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
---
extensions/libxt_cluster.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/extensions/libxt_cluster.c b/extensions/libxt_cluster.c
index edc14d3..e1607d0 100644
--- a/extensions/libxt_cluster.c
+++ b/extensions/libxt_cluster.c
@@ -90,7 +90,7 @@ cluster_parse(int c, char **argv, int invert, unsigned int *flags,
"`--cluster-local-node'", optarg);
}
if (invert)
- info->flags |= (1 << XT_CLUSTER_F_INV);
+ info->flags |= XT_CLUSTER_F_INV;
info->node_mask = node_mask = (1 << (num - 1));
*flags |= 1 << c;
@@ -115,7 +115,7 @@ cluster_parse(int c, char **argv, int invert, unsigned int *flags,
"`--cluster-local-node'", optarg);
}
if (invert)
- info->flags |= (1 << XT_CLUSTER_F_INV);
+ info->flags |= XT_CLUSTER_F_INV;
info->node_mask = node_mask = num;
*flags |= 1 << c;
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
