From 3a3794573386d0cb2930a9daad5615036c06f4e2 Mon Sep 17 00:00:00 2001 From: Jozsef Kadlecsik Date: Fri, 21 Sep 2012 21:03:24 +0200 Subject: Support to match elements marked with "nomatch" in hash:*net* sets Exceptions can now be matched and we can branch according to the possible cases: a. match in the set if the element is not flagged as "nomatch" b. match in the set if the element is flagged with "nomatch" c. no match i.e. iptables ... -m set --match-set ... -j ... iptables ... -m set --match-set ... --nomatch-entries -j ... ... --- tests/runtest.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests/runtest.sh') diff --git a/tests/runtest.sh b/tests/runtest.sh index ff5c492..ad2ac42 100755 --- a/tests/runtest.sh +++ b/tests/runtest.sh @@ -22,7 +22,7 @@ add_tests() { # inet|inet6 network if [ $1 = "inet" ]; then cmd=iptables-save - add=match_target + add="match_target match_flags" else cmd=ip6tables-save add=match_target6 -- cgit v1.2.3