summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJan Engelhardt <jengelh@medozas.de>2011-08-21 12:25:06 +0200
committerJan Engelhardt <jengelh@medozas.de>2011-08-21 12:35:20 +0200
commitc4e1c0992937bce3ac72987aa43f4f3c219cf3e3 (patch)
treec3305ef51a53c711cd0b8b4b58931bffc9223bae
parentc96e524e98de81b333d772aa9a4f9b93275525dd (diff)
libxt_owner: restore inversion support
Bug origin is in commit v1.4.11~16^2~7. References: Dave Täht via netfilter-devel on 2011-08-20 14:40:11 -0700 References: <CAA93jw6mpDL6rLXM+9SpAhafkDdKoSfhAxU8UM87vUqjuzjYJw@mail.gmail.com> Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
-rw-r--r--extensions/libxt_owner.c3
-rw-r--r--tests/options-most.rules1
2 files changed, 3 insertions, 1 deletions
diff --git a/extensions/libxt_owner.c b/extensions/libxt_owner.c
index d2fdfa91..d9adc12e 100644
--- a/extensions/libxt_owner.c
+++ b/extensions/libxt_owner.c
@@ -129,7 +129,8 @@ static const struct xt_option_entry owner_mt_opts[] = {
.flags = XTOPT_INVERT},
{.name = "gid-owner", .id = O_GROUP, .type = XTTYPE_STRING,
.flags = XTOPT_INVERT},
- {.name = "socket-exists", .id = O_SOCK_EXISTS, .type = XTTYPE_NONE},
+ {.name = "socket-exists", .id = O_SOCK_EXISTS, .type = XTTYPE_NONE,
+ .flags = XTOPT_INVERT},
XTOPT_TABLEEND,
};
diff --git a/tests/options-most.rules b/tests/options-most.rules
index cd6aab80..37aeabf8 100644
--- a/tests/options-most.rules
+++ b/tests/options-most.rules
@@ -57,6 +57,7 @@
-A INPUT -p mobility
-A INPUT -p mobility -m mh --mh-type 3
-A OUTPUT -m owner --socket-exists --uid-owner 1-2 --gid-owner 2-3
+-A OUTPUT -m owner ! --socket-exists ! --uid-owner 0 ! --gid-owner 0
-A matches -m connbytes --connbytes 1 --connbytes-mode bytes --connbytes-dir both
-A matches
-A matches -m connbytes --connbytes :2 --connbytes-mode bytes --connbytes-dir both