On 19 February 2015 at 00:32, Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote: > Once the data that the compare expression provides have been digested. > > For example: > > -A INPUT -i noexist -p udplite -s 10.10.10.10/32 -d 10.0.0.10/32 -j ACCEPT > > doesn't show anymore the following broken output via iptables-compat-save: > > -A INPUT -i > > +t -p udplite -s 10.10.10.10/32 -d 10.0.0.10/32 -j ACCEPT > > Reported-by: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx> > Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> > --- > iptables/nft-arp.c | 12 ++++++++---- > iptables/nft-ipv4.c | 14 ++++++++++---- > iptables/nft-ipv6.c | 20 ++++++++++++-------- > iptables/nft-shared.c | 8 ++++++-- > 4 files changed, 36 insertions(+), 18 deletions(-) It works (v2). Tested-by: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx> best regards. -- Arturo Borrero González -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
