On 29-11-11 21:08, James Sinclair wrote: > I was doing some testing with the latest ebtables and I think I've found a bug in ebt_deliver_counters that was introduced in the following commit: > > http://ebtables.cvs.sourceforge.net/viewvc/ebtables/ebtables2/userspace/ebtables2/communication.c?r1=1.40&r2=1.41 > > It seems that the chainnr++ on line 308 is only reached when entries is NULL, causing the code to repeatedly loop over the rules for the first non-empty chain. This manifests as every chain having its counters copied from the first non-empty chain instead of getting the counters assigned with -c: Thanks for the bug report. I've applied the following fix instead. --- ebtables-v2.0.10-2/communication.c 2011-08-11 19:56:16.000000000 +0100 +++ ebtables-v2.0.10-3/communication.c 2011-12-04 09:29:23.000000000 +0000 @@ -309,6 +309,7 @@ void ebt_deliver_counters(struct ebt_u_r new = newcounters; while (cc != u_repl->cc) { if (!next || next == entries->entries) { + chainnr++; while (chainnr < u_repl->num_chains && (!(entries = u_repl->chains[chainnr]) || (next = entries->entries->next) == entries->entries)) chainnr++; cheers, Bart -- Bart De Schuymer www.artinalgorithms.be -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html