Bug origin is in commit v1.4.11~16^2~7.
References: Dave Täht via netfilter-devel on 2011-08-20 14:40:11 -0700
References: <CAA93jw6mpDL6rLXM+9SpAhafkDdKoSfhAxU8UM87vUqjuzjYJw@xxxxxxxxxxxxxx>
Signed-off-by: Jan Engelhardt <jengelh@xxxxxxxxxx>
---
extensions/libxt_owner.c | 3 ++-
tests/options-most.rules | 1 +
2 files changed, 3 insertions(+), 1 deletions(-)
diff --git a/extensions/libxt_owner.c b/extensions/libxt_owner.c
index d2fdfa9..d9adc12 100644
--- a/extensions/libxt_owner.c
+++ b/extensions/libxt_owner.c
@@ -129,7 +129,8 @@ static const struct xt_option_entry owner_mt_opts[] = {
.flags = XTOPT_INVERT},
{.name = "gid-owner", .id = O_GROUP, .type = XTTYPE_STRING,
.flags = XTOPT_INVERT},
- {.name = "socket-exists", .id = O_SOCK_EXISTS, .type = XTTYPE_NONE},
+ {.name = "socket-exists", .id = O_SOCK_EXISTS, .type = XTTYPE_NONE,
+ .flags = XTOPT_INVERT},
XTOPT_TABLEEND,
};
diff --git a/tests/options-most.rules b/tests/options-most.rules
index cd6aab8..37aeabf 100644
--- a/tests/options-most.rules
+++ b/tests/options-most.rules
@@ -57,6 +57,7 @@
-A INPUT -p mobility
-A INPUT -p mobility -m mh --mh-type 3
-A OUTPUT -m owner --socket-exists --uid-owner 1-2 --gid-owner 2-3
+-A OUTPUT -m owner ! --socket-exists ! --uid-owner 0 ! --gid-owner 0
-A matches -m connbytes --connbytes 1 --connbytes-mode bytes --connbytes-dir both
-A matches
-A matches -m connbytes --connbytes :2 --connbytes-mode bytes --connbytes-dir both
--
1.7.3.4
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
