Remove the log level when default is used
Before:
$ sudo iptables-translate -I INPUT -j LOG
nft add rule filter INPUT log level warning
After:
$ sudo iptables-translate -I INPUT -j LOG
nft add rule filter INPUT counter log
---
extensions/libip6t_LOG.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/extensions/libip6t_LOG.c b/extensions/libip6t_LOG.c
index 7841e57..3c5075e 100644
--- a/extensions/libip6t_LOG.c
+++ b/extensions/libip6t_LOG.c
@@ -194,7 +194,8 @@ static int LOG_xlate(const void *ip, const struct xt_entry_target *target,
xt_xlate_add(xl, "prefix \\\"%s\\\" ", loginfo->prefix);
for (i = 0; i < ARRAY_SIZE(ip6t_log_xlate_names); ++i)
- if (loginfo->level == ip6t_log_xlate_names[i].level) {
+ if (loginfo->level == ip6t_log_xlate_names[i].level &&
+ loginfo->level != LOG_DEFAULT_LEVEL) {
xt_xlate_add(xl, "level %s",
ip6t_log_xlate_names[i].name);
break;
--
2.7.2
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
