From 3a4419954a3ae0ba5dafd711e6b8dd8f0beb5c21 Mon Sep 17 00:00:00 2001
From: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Date: Sat, 17 Aug 2013 21:12:53 +0200
Subject: Remove artifical restriction of netmask values for hash:ip type.

Reported by Quentin Armitage, closes netfilter bugzilla id #844.
---
 lib/parse.c | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

(limited to 'lib')

diff --git a/lib/parse.c b/lib/parse.c
index 6df8f20..ce3548d 100644
--- a/lib/parse.c
+++ b/lib/parse.c
@@ -1591,16 +1591,14 @@ ipset_parse_netmask(struct ipset_session *session,
 		ipset_data_set(data, IPSET_OPT_FAMILY, &family);
 	}
 
-	err = string_to_cidr(session, str,
-			     family == NFPROTO_IPV4 ? 1 : 4,
-			     family == NFPROTO_IPV4 ? 31 : 124,
+	err = string_to_cidr(session, str, 1,
+			     family == NFPROTO_IPV4 ? 32 : 128,
 			     &cidr);
 
 	if (err)
 		return syntax_err("netmask is out of the inclusive range "
-				  "of %u-%u",
-				  family == NFPROTO_IPV4 ? 1 : 4,
-				  family == NFPROTO_IPV4 ? 31 : 124);
+				  "of 1-%u",
+				  family == NFPROTO_IPV4 ? 32 : 128);
 
 	return ipset_data_set(data, opt, &cidr);
 }
-- 
cgit v1.2.3