From c4e1c0992937bce3ac72987aa43f4f3c219cf3e3 Mon Sep 17 00:00:00 2001 From: Jan Engelhardt Date: Sun, 21 Aug 2011 12:25:06 +0200 Subject: libxt_owner: restore inversion support MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bug origin is in commit v1.4.11~16^2~7. References: Dave Täht via netfilter-devel on 2011-08-20 14:40:11 -0700 References: Signed-off-by: Jan Engelhardt --- extensions/libxt_owner.c | 3 ++- tests/options-most.rules | 1 + 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/extensions/libxt_owner.c b/extensions/libxt_owner.c index d2fdfa91..d9adc12e 100644 --- a/extensions/libxt_owner.c +++ b/extensions/libxt_owner.c @@ -129,7 +129,8 @@ static const struct xt_option_entry owner_mt_opts[] = { .flags = XTOPT_INVERT}, {.name = "gid-owner", .id = O_GROUP, .type = XTTYPE_STRING, .flags = XTOPT_INVERT}, - {.name = "socket-exists", .id = O_SOCK_EXISTS, .type = XTTYPE_NONE}, + {.name = "socket-exists", .id = O_SOCK_EXISTS, .type = XTTYPE_NONE, + .flags = XTOPT_INVERT}, XTOPT_TABLEEND, }; diff --git a/tests/options-most.rules b/tests/options-most.rules index cd6aab80..37aeabf8 100644 --- a/tests/options-most.rules +++ b/tests/options-most.rules @@ -57,6 +57,7 @@ -A INPUT -p mobility -A INPUT -p mobility -m mh --mh-type 3 -A OUTPUT -m owner --socket-exists --uid-owner 1-2 --gid-owner 2-3 +-A OUTPUT -m owner ! --socket-exists ! --uid-owner 0 ! --gid-owner 0 -A matches -m connbytes --connbytes 1 --connbytes-mode bytes --connbytes-dir both -A matches -A matches -m connbytes --connbytes :2 --connbytes-mode bytes --connbytes-dir both -- cgit v1.2.3