diff options
author | Liping Zhang <liping.zhang@spreadtrum.com> | 2016-07-18 22:14:27 +0800 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-07-19 20:18:36 +0200 |
commit | 4bde4cc6721e460a1896bf4be2b44fb2ed05b240 (patch) | |
tree | 5f965255c1f5f1e5819c680ba3d29243b093382a /extensions | |
parent | cc7e0982aeb8c2e30b669457d5c062e34f1085be (diff) |
extensions: libxt_NFLOG: display nflog-size even if it is zero
The following iptables rules have the different semantics:
# iptables -A INPUT -j NFLOG
# iptables -A INPUT -j NFLOG --nflog-size 0
But they are all displayed as "-A INPUT -j NFLOG", so if
the user input the following commands, the original semantics
will be broken.
# iptables-save | iptables-restore
Signed-off-by: Liping Zhang <liping.zhang@spreadtrum.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'extensions')
-rw-r--r-- | extensions/libxt_NFLOG.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/extensions/libxt_NFLOG.c b/extensions/libxt_NFLOG.c index 8c670662..a747951a 100644 --- a/extensions/libxt_NFLOG.c +++ b/extensions/libxt_NFLOG.c @@ -83,7 +83,7 @@ static void nflog_print(const struct xt_nflog_info *info, char *prefix) } if (info->group) printf(" %snflog-group %u", prefix, info->group); - if (info->len && info->flags & XT_NFLOG_F_COPY_LEN) + if (info->flags & XT_NFLOG_F_COPY_LEN) printf(" %snflog-size %u", prefix, info->len); else if (info->len) printf(" %snflog-range %u", prefix, info->len); |