Removes wrong conditions in flags translating functions that doesn't permit to delete rule with inverse flags set. For instance, the following command doesn't remove the rule: arptables-compat -D INPUT -i ! eth1 -j ACCEPT Signed-off-by: Giuseppe Longo <giuseppelng@xxxxxxxxx> --- iptables/nft-arp.c | 6 ------ 1 file changed, 6 deletions(-) diff --git a/iptables/nft-arp.c b/iptables/nft-arp.c index c1cbbc0..c3cfee9 100644 --- a/iptables/nft-arp.c +++ b/iptables/nft-arp.c @@ -155,9 +155,6 @@ static uint8_t arpt_to_ipt_flags(uint16_t invflags) if (invflags & ARPT_INV_ARPPRO) result |= IPT_INV_PROTO; - if (invflags & ARPT_INV_MASK) - result |= IPT_INV_MASK; - return result; } @@ -257,9 +254,6 @@ static uint16_t ipt_to_arpt_flags(uint8_t invflags) if (invflags & IPT_INV_PROTO) result |= ARPT_INV_ARPPRO; - if (invflags & IPT_INV_MASK) - result |= ARPT_INV_MASK; - return result; } -- 1.8.3.2 -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
