diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-02-11 13:58:03 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-02-11 14:00:09 +0100 |
commit | d007e1a59e4beaddab430992302d43b122ffc801 (patch) | |
tree | 2276b542655892b2843024bec54653eaa09ee636 /iptables/nft.c | |
parent | 8877968858a8dd6b7ae096988d57a7511c81733d (diff) |
nft-compat: fix IP6T_F_GOTO flag handling
IPT_F_GOTO and IP6T_F_GOTO don't overlap, so this need special handling
to avoid misinterpretations.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'iptables/nft.c')
-rw-r--r-- | iptables/nft.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/iptables/nft.c b/iptables/nft.c index 515d124a..a45d599b 100644 --- a/iptables/nft.c +++ b/iptables/nft.c @@ -864,7 +864,7 @@ int add_verdict(struct nft_rule *r, int verdict) } int add_action(struct nft_rule *r, struct iptables_command_state *cs, - int ip_flags) + bool goto_set) { int ret = 0; @@ -881,7 +881,7 @@ int add_action(struct nft_rule *r, struct iptables_command_state *cs, ret = add_target(r, cs->target->t); } else if (strlen(cs->jumpto) > 0) { /* Not standard, then it's a go / jump to chain */ - if (ip_flags & IPT_F_GOTO) + if (goto_set) ret = add_jumpto(r, cs->jumpto, NFT_GOTO); else ret = add_jumpto(r, cs->jumpto, NFT_JUMP); |