diff options
author | Jan Engelhardt <jengelh@inai.de> | 2015-07-15 14:53:39 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2015-08-12 19:49:40 +0200 |
commit | 4264de1f270a0fac44dde8ece6fde0a879aebc8e (patch) | |
tree | e77b75bbe0a6bb2c5d7349949d6035c860086017 /extensions/libip6t_ah.c | |
parent | 34344db9878ed53b387180362b1be77001e03e45 (diff) |
extensions: restore matching any SPI id by default
This is the same as commit v1.4.15-12-g8a988f6.
If no id option is given, the extensions only match packets with a
zero-valued identification field. This behavior deviates from what it
used to do back in v1.4.10-273-g6944f2c^.
Signed-off-by: Jan Engelhardt <jengelh@inai.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'extensions/libip6t_ah.c')
-rw-r--r-- | extensions/libip6t_ah.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/extensions/libip6t_ah.c b/extensions/libip6t_ah.c index 26f81408..174d6d1d 100644 --- a/extensions/libip6t_ah.c +++ b/extensions/libip6t_ah.c @@ -28,6 +28,14 @@ static const struct xt_option_entry ah_opts[] = { }; #undef s +static void ah_init(struct xt_entry_match *m) +{ + struct ip6t_ah *ahinfo = (void *)m->data; + + /* Defaults for when no --ahspi is used at all */ + ahinfo->spis[1] = ~0U; +} + static void ah_parse(struct xt_option_call *cb) { struct ip6t_ah *ahinfo = cb->data; @@ -127,6 +135,7 @@ static struct xtables_match ah_mt6_reg = { .size = XT_ALIGN(sizeof(struct ip6t_ah)), .userspacesize = XT_ALIGN(sizeof(struct ip6t_ah)), .help = ah_help, + .init = ah_init, .print = ah_print, .save = ah_save, .x6_parse = ah_parse, |