summaryrefslogtreecommitdiffstats
path: root/iptables
diff options
context:
space:
mode:
Diffstat (limited to 'iptables')
-rw-r--r--iptables/nft.c9
-rw-r--r--iptables/nft.h2
2 files changed, 6 insertions, 5 deletions
diff --git a/iptables/nft.c b/iptables/nft.c
index 123a479c..8e2b5acd 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -649,7 +649,7 @@ static void add_counters(struct nft_rule *r, uint64_t packets, uint64_t bytes)
int
nft_rule_add(struct nft_handle *h, const char *chain, const char *table,
struct iptables_command_state *cs,
- bool append, uint16_t handle, bool verbose)
+ bool append, uint64_t handle, bool verbose)
{
char buf[MNL_SOCKET_BUFFER_SIZE];
struct nlmsghdr *nlh;
@@ -2409,11 +2409,12 @@ int nft_rule_replace(struct nft_handle *h, const char *chain,
r = nft_rule_find(list, chain, table, cs, rulenum);
if (r != NULL) {
- DEBUGP("replacing rule with handle=%u\n",
- nft_rule_attr_get_u16(r, NFT_RULE_ATTR_HANDLE));
+ DEBUGP("replacing rule with handle=%llu\n",
+ (unsigned long long)
+ nft_rule_attr_get_u64(r, NFT_RULE_ATTR_HANDLE));
ret = nft_rule_add(h, chain, table, cs, true,
- nft_rule_attr_get_u16(r, NFT_RULE_ATTR_HANDLE),
+ nft_rule_attr_get_u64(r, NFT_RULE_ATTR_HANDLE),
verbose);
} else
errno = ENOENT;
diff --git a/iptables/nft.h b/iptables/nft.h
index 474e652e..aa458f8c 100644
--- a/iptables/nft.h
+++ b/iptables/nft.h
@@ -39,7 +39,7 @@ int nft_chain_user_rename(struct nft_handle *h, const char *chain, const char *t
*/
struct nft_rule;
-int nft_rule_add(struct nft_handle *h, const char *chain, const char *table, struct iptables_command_state *cmd, bool append, uint16_t handle, bool verbose);
+int nft_rule_add(struct nft_handle *h, const char *chain, const char *table, struct iptables_command_state *cmd, bool append, uint64_t handle, bool verbose);
int nft_rule_check(struct nft_handle *h, const char *chain, const char *table, struct iptables_command_state *cmd, bool verbose);
int nft_rule_delete(struct nft_handle *h, const char *chain, const char *table, struct iptables_command_state *cmd, bool verbose);
int nft_rule_delete_num(struct nft_handle *h, const char *chain, const char *table, int rulenum, bool verbose);