On Tue, May 31, 2016 at 01:57:16PM +0200, Arturo Borrero Gonzalez wrote:
> @@ -55,6 +58,7 @@ static int nft_lookup_init(const struct nft_ctx *ctx,
> {
> struct nft_lookup *priv = nft_expr_priv(expr);
> struct nft_set *set;
> + u32 flags;
> int err;
>
> if (tb[NFTA_LOOKUP_SET] == NULL ||
> @@ -91,6 +95,12 @@ static int nft_lookup_init(const struct nft_ctx *ctx,
> } else if (set->flags & NFT_SET_MAP)
> return -EINVAL;
>
> + if (tb[NFTA_LOOKUP_FLAGS]) {
> + flags = ntohl(nla_get_be32(tb[NFTA_LOOKUP_FLAGS]));
I missed this one before:
if (flags & ~NFT_LOOKUP_F_INV)
return -EINVAL;
> + if (flags & NFT_LOOKUP_F_INV)
> + priv->invert = true;
> + }
> +
> priv->binding.flags = set->flags & NFT_SET_MAP;
>
> err = nf_tables_bind_set(ctx, set, &priv->binding);
> @@ -112,6 +122,7 @@ static void nft_lookup_destroy(const struct nft_ctx *ctx,
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
