Bug origin is in commit v1.4.11~26^2~4.
References: Dave Täht via netfilter-devel on 2011-08-20 14:40:11 -0700
References: <CAA93jw6mpDL6rLXM+9SpAhafkDdKoSfhAxU8UM87vUqjuzjYJw@xxxxxxxxxxxxxx>
Signed-off-by: Jan Engelhardt <jengelh@xxxxxxxxxx>
---
extensions/libxt_physdev.c | 7 ++++---
tests/options-most.rules | 2 ++
2 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/extensions/libxt_physdev.c b/extensions/libxt_physdev.c
index 8f57fe9..a11faf4 100644
--- a/extensions/libxt_physdev.c
+++ b/extensions/libxt_physdev.c
@@ -27,11 +27,12 @@ static const struct xt_option_entry physdev_opts[] = {
.flags = XTOPT_INVERT | XTOPT_PUT, XTOPT_POINTER(s, physindev)},
{.name = "physdev-out", .id = O_PHYSDEV_OUT, .type = XTTYPE_STRING,
.flags = XTOPT_INVERT | XTOPT_PUT, XTOPT_POINTER(s, physoutdev)},
- {.name = "physdev-is-in", .id = O_PHYSDEV_IS_IN, .type = XTTYPE_NONE},
+ {.name = "physdev-is-in", .id = O_PHYSDEV_IS_IN, .type = XTTYPE_NONE,
+ .flags = XTOPT_INVERT},
{.name = "physdev-is-out", .id = O_PHYSDEV_IS_OUT,
- .type = XTTYPE_NONE},
+ .type = XTTYPE_NONE, .flags = XTOPT_INVERT},
{.name = "physdev-is-bridged", .id = O_PHYSDEV_IS_BRIDGED,
- .type = XTTYPE_NONE},
+ .type = XTTYPE_NONE, .flags = XTOPT_INVERT},
XTOPT_TABLEEND,
};
#undef s
diff --git a/tests/options-most.rules b/tests/options-most.rules
index 37aeabf..c243649 100644
--- a/tests/options-most.rules
+++ b/tests/options-most.rules
@@ -111,6 +111,8 @@
-A matches
-A matches -m length --length 5:65535
-A matches
+-A matches -m physdev ! --physdev-is-in ! --physdev-is-out ! --physdev-is-bridged
+-A matches
-A matches -p tcp -m tcpmss --mss 1
-A matches
-A matches -p tcp -m tcpmss --mss :2
--
1.7.3.4
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
