diff options
author | Liping Zhang <zlpnobody@gmail.com> | 2017-04-15 17:22:17 +0800 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-04-15 11:30:08 +0200 |
commit | e2b25ccc31b8262a0739b46337fbb354e00aa1d6 (patch) | |
tree | 05db8f700716c22ef19ff6153807a173d17a8821 /src/netlink_linearize.c | |
parent | cd3877cd4a7c4943dc29c274366795f02c42feb0 (diff) |
hash: generate a random seed if seed option is empty
Typing the "nft add rule x y ct mark set jhash ip saddr mod 2" will
not generate a random seed, instead, the seed will always be zero.
So if seed option is empty, we shoulde not set the NFTA_HASH_SEED
attribute, then a random seed will be generated in the kernel.
Signed-off-by: Liping Zhang <zlpnobody@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/netlink_linearize.c')
-rw-r--r-- | src/netlink_linearize.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/netlink_linearize.c b/src/netlink_linearize.c index b2f27b7a..3d684569 100644 --- a/src/netlink_linearize.c +++ b/src/netlink_linearize.c @@ -139,7 +139,8 @@ static void netlink_gen_hash(struct netlink_linearize_ctx *ctx, } netlink_put_register(nle, NFTNL_EXPR_HASH_DREG, dreg); nftnl_expr_set_u32(nle, NFTNL_EXPR_HASH_MODULUS, expr->hash.mod); - nftnl_expr_set_u32(nle, NFTNL_EXPR_HASH_SEED, expr->hash.seed); + if (expr->hash.seed_set) + nftnl_expr_set_u32(nle, NFTNL_EXPR_HASH_SEED, expr->hash.seed); nftnl_expr_set_u32(nle, NFTNL_EXPR_HASH_OFFSET, expr->hash.offset); nftnl_expr_set_u32(nle, NFTNL_EXPR_HASH_TYPE, expr->hash.type); nftnl_rule_add_expr(ctx->nlr, nle); |