diff options
author | Jan Engelhardt <jengelh@medozas.de> | 2011-08-21 12:25:06 +0200 |
---|---|---|
committer | Jan Engelhardt <jengelh@medozas.de> | 2011-08-21 12:35:20 +0200 |
commit | c4e1c0992937bce3ac72987aa43f4f3c219cf3e3 (patch) | |
tree | c3305ef51a53c711cd0b8b4b58931bffc9223bae | |
parent | c96e524e98de81b333d772aa9a4f9b93275525dd (diff) |
libxt_owner: restore inversion support
Bug origin is in commit v1.4.11~16^2~7.
References: Dave Täht via netfilter-devel on 2011-08-20 14:40:11 -0700
References: <CAA93jw6mpDL6rLXM+9SpAhafkDdKoSfhAxU8UM87vUqjuzjYJw@mail.gmail.com>
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
-rw-r--r-- | extensions/libxt_owner.c | 3 | ||||
-rw-r--r-- | tests/options-most.rules | 1 |
2 files changed, 3 insertions, 1 deletions
diff --git a/extensions/libxt_owner.c b/extensions/libxt_owner.c index d2fdfa91..d9adc12e 100644 --- a/extensions/libxt_owner.c +++ b/extensions/libxt_owner.c @@ -129,7 +129,8 @@ static const struct xt_option_entry owner_mt_opts[] = { .flags = XTOPT_INVERT}, {.name = "gid-owner", .id = O_GROUP, .type = XTTYPE_STRING, .flags = XTOPT_INVERT}, - {.name = "socket-exists", .id = O_SOCK_EXISTS, .type = XTTYPE_NONE}, + {.name = "socket-exists", .id = O_SOCK_EXISTS, .type = XTTYPE_NONE, + .flags = XTOPT_INVERT}, XTOPT_TABLEEND, }; diff --git a/tests/options-most.rules b/tests/options-most.rules index cd6aab80..37aeabf8 100644 --- a/tests/options-most.rules +++ b/tests/options-most.rules @@ -57,6 +57,7 @@ -A INPUT -p mobility -A INPUT -p mobility -m mh --mh-type 3 -A OUTPUT -m owner --socket-exists --uid-owner 1-2 --gid-owner 2-3 +-A OUTPUT -m owner ! --socket-exists ! --uid-owner 0 ! --gid-owner 0 -A matches -m connbytes --connbytes 1 --connbytes-mode bytes --connbytes-dir both -A matches -A matches -m connbytes --connbytes :2 --connbytes-mode bytes --connbytes-dir both |