summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJan Engelhardt <jengelh@medozas.de>2009-10-26 18:43:54 +0100
committerJan Engelhardt <jengelh@medozas.de>2009-10-29 19:04:00 +0100
commit7c4d668c9c2ee007c82063b7fc784cbbf46b2ec4 (patch)
tree4041a5c3946326232ad24aa5499a8ac4633a5976
parent58df90174164fd673e8c4103f7ce0c4e55ef1aec (diff)
libiptc: fix wrong maptype of base chain counters on restore
When a ruleset that does not reset any chain policies/counters, such as *filter COMMIT is sourced by iptables-restore, the previous policy and counters (i.e. the ones read from the kernel) are reused. The counter skew offsetting is wrong however, causing the read value to be readded to the kernel value. This manifests itself in practice by the counter value almost doubling everytime iptables-restore is called. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
-rw-r--r--libiptc/libiptc.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/libiptc/libiptc.c b/libiptc/libiptc.c
index 670acf53..7a9c7428 100644
--- a/libiptc/libiptc.c
+++ b/libiptc/libiptc.c
@@ -829,7 +829,7 @@ static int __iptcc_p_del_policy(struct xtc_handle *h, unsigned int num)
/* save counter and counter_map information */
h->chain_iterator_cur->counter_map.maptype =
- COUNTER_MAP_NORMAL_MAP;
+ COUNTER_MAP_ZEROED;
h->chain_iterator_cur->counter_map.mappos = num-1;
memcpy(&h->chain_iterator_cur->counters, &pr->entry->counters,
sizeof(h->chain_iterator_cur->counters));