On Wed, Jun 01, 2016 at 08:07:17PM +0800, Liping Zhang wrote: > From: Liping Zhang <liping.zhang@xxxxxxxxxxxxxx> > > The mask and mark's order is reversed, so when we specify the mask, we will > get the wrong translation result: > # iptables-translate -A INPUT -m mark --mark 0x1/0xff > nft add rule ip filter INPUT mark and 0x1 == 0xff counter > > Apply this patch, translation will become: > # iptables-translate -A INPUT -m mark --mark 0x1/0xff > nft add rule ip filter INPUT mark and 0xff == 0x1 counter Applied, thanks. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
