diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2013-03-24 13:15:23 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2013-12-30 23:50:28 +0100 |
commit | 4ef77b6d1b52e1fe52a7fd48d38d9233f0961640 (patch) | |
tree | 08fa0bf0917dcb00a9665dc25c5162599815ce2a /iptables/nft-ipv4.c | |
parent | 98ffe9f8a5aa730fed0a5b2f2ac337ca2511700e (diff) |
xtables: fix missing protocol and invflags
xtables -I INPUT -p tcp --dport 22 -j ACCEPT
iptables: Target problem. Run `dmesg' for more information
x_tables: ip_tables: tcp match: only valid for protocol
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'iptables/nft-ipv4.c')
-rw-r--r-- | iptables/nft-ipv4.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/iptables/nft-ipv4.c b/iptables/nft-ipv4.c index ac2b27b8..0a601243 100644 --- a/iptables/nft-ipv4.c +++ b/iptables/nft-ipv4.c @@ -60,6 +60,8 @@ static int nft_ipv4_add(struct nft_rule *r, struct iptables_command_state *cs) add_cmp_u16(r, 0, op); } + add_compat(r, cs->fw.ip.proto, cs->fw.ip.invflags); + return cs->fw.ip.flags; } |