nft: Leave interface masks alone when parsing from kernel

The mask is entirely unused by nft-variants in general and legacy ones when printing. It is relevant only when inserting a legacy rule into kernel as it doesn't detect the '+'-suffix. Signed-off-by: Phil Sutter <phil@nwl.cc>
author: Phil Sutter <phil@nwl.cc> 2023-11-17 17:27:56 +0100
committer: Phil Sutter <phil@nwl.cc> 2023-11-29 02:33:04 +0100
commit: 9ccae63974755d845337fa6b6648ed0de32c9064 (patch)
tree: 522119784abfc1c771b00c4719584d20413935b8 /iptables/nft-ruleparse-ipv4.c
parent: fe70364b361194f5271661eb15207b10572d3fba (diff)
1 files changed, 2 insertions, 3 deletions
diff --git a/iptables/nft-ruleparse-ipv4.c b/iptables/nft-ruleparse-ipv4.c
index 491cbf42..fe65b33c 100644
--- a/iptables/nft-ruleparse-ipv4.c
+++ b/iptables/nft-ruleparse-ipv4.c
@@ -41,9 +41,8 @@ static void nft_ipv4_parse_meta(struct nft_xt_ctx *ctx,
 		break;
 	}
 
-	if (parse_meta(ctx, e, reg->meta_dreg.key, cs->fw.ip.iniface, cs->fw.ip.iniface_mask,
-		   cs->fw.ip.outiface, cs->fw.ip.outiface_mask,
-		   &cs->fw.ip.invflags) == 0)
+	if (parse_meta(ctx, e, reg->meta_dreg.key, cs->fw.ip.iniface,
+		       cs->fw.ip.outiface, &cs->fw.ip.invflags) == 0)
 		return;
 
 	ctx->errmsg = "unknown ipv4 meta key";
author	Phil Sutter <phil@nwl.cc>	2023-11-17 17:27:56 +0100
committer	Phil Sutter <phil@nwl.cc>	2023-11-29 02:33:04 +0100
commit	9ccae63974755d845337fa6b6648ed0de32c9064 (patch)
tree	522119784abfc1c771b00c4719584d20413935b8 /iptables/nft-ruleparse-ipv4.c
parent	fe70364b361194f5271661eb15207b10572d3fba (diff)