From d007e1a59e4beaddab430992302d43b122ffc801 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Tue, 11 Feb 2014 13:58:03 +0100
Subject: nft-compat: fix IP6T_F_GOTO flag handling

IPT_F_GOTO and IP6T_F_GOTO don't overlap, so this need special handling
to avoid misinterpretations.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 iptables/nft.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'iptables/nft.c')

diff --git a/iptables/nft.c b/iptables/nft.c
index 515d124a..a45d599b 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -864,7 +864,7 @@ int add_verdict(struct nft_rule *r, int verdict)
 }
 
 int add_action(struct nft_rule *r, struct iptables_command_state *cs,
-	      int ip_flags)
+	       bool goto_set)
 {
        int ret = 0;
 
@@ -881,7 +881,7 @@ int add_action(struct nft_rule *r, struct iptables_command_state *cs,
 		       ret = add_target(r, cs->target->t);
        } else if (strlen(cs->jumpto) > 0) {
 	       /* Not standard, then it's a go / jump to chain */
-	       if (ip_flags & IPT_F_GOTO)
+	       if (goto_set)
 		       ret = add_jumpto(r, cs->jumpto, NFT_GOTO);
 	       else
 		       ret = add_jumpto(r, cs->jumpto, NFT_JUMP);
-- 
cgit v1.2.3