diff options
author | Shivani Bhardwaj <shivanib134@gmail.com> | 2016-02-22 00:22:48 +0530 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-03-02 20:00:12 +0100 |
commit | 063759767279aaba0a4f1d213d3cce5079ce32f4 (patch) | |
tree | fd1705576043b5765a93e5b886d967d134ad2b3d /iptables | |
parent | c656680dc907cf624f1c9647bc33ec0a5d5baf5b (diff) |
iptables: nft-ipv6: Use meta l4proto instead of nexthdr
Use meta l4proto in place of nexthdr for ipv6 protocols as it is not
necessary that all protocols be next header.
Signed-off-by: Shivani Bhardwaj <shivanib134@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'iptables')
-rw-r--r-- | iptables/nft-ipv6.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/iptables/nft-ipv6.c b/iptables/nft-ipv6.c index 92d37a02..11501189 100644 --- a/iptables/nft-ipv6.c +++ b/iptables/nft-ipv6.c @@ -417,7 +417,7 @@ static int nft_ipv6_xlate(const void *data, struct xt_xlate *xl) snprintf(protonum, sizeof(protonum), "%u", cs->fw6.ipv6.proto); protonum[sizeof(protonum) - 1] = '\0'; - xt_xlate_add(xl, "ip6 nexthdr %s%s ", + xt_xlate_add(xl, "meta l4proto %s%s ", cs->fw6.ipv6.invflags & IP6T_INV_PROTO ? "!= " : "", pent ? pent->p_name : protonum); |