On Fri, Dec 16, 2011 at 06:34:06PM +0100, Florian Westphal wrote:
> quoting man page:
>
> match packets from a connection whose packets/bytes/average
> packet size is more than FROM and less than TO bytes/packets. if
> TO is omitted only FROM check is done.
>
> But, when TO was omitted, we did treat it like "x:x" which is not
> the same at all.
>
> Before commit 09631dc60ce41bc484a42fcf4d4ddf7036820bd1
> (libxt_connbytes: use guided option parser), we failed to parse
> "--connbytes x" ('Bad range "x"'), but treated "x:" like "x:0xffffffff".
>
> Also, restore the "from must be smaller than to" check.
>
> Signed-off-by: Florian Westphal <fw@xxxxxxxxx>
Applied, thanks!
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
