diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-02-11 14:24:06 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-02-11 14:28:34 +0100 |
commit | 5cab9c3c8209e9491f0f252e03dd48ae4cb5ab63 (patch) | |
tree | e3d3754810251b1ade92d97481def1c52d389567 /iptables/xtables-save.c | |
parent | d007e1a59e4beaddab430992302d43b122ffc801 (diff) |
nft-compat: fix wrong protocol context in initialization
This fixes matches/targets that are dependent on that IPv4/Ipv6
context, eg.
# ip6tables-compat -I INPUT -j REJECT --reject-with icmp6-addr-unreachable
# ip6tables-compat-save
...
-A INPUT -j REJECT --reject-with icmp6-port-unreachable
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'iptables/xtables-save.c')
-rw-r--r-- | iptables/xtables-save.c | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/iptables/xtables-save.c b/iptables/xtables-save.c index 93065cfc..42d29071 100644 --- a/iptables/xtables-save.c +++ b/iptables/xtables-save.c @@ -85,8 +85,7 @@ xtables_save_main(int family, const char *progname, int argc, char *argv[]) int c; xtables_globals.program_name = progname; - /* XXX xtables_init_all does several things we don't want */ - c = xtables_init_all(&xtables_globals, NFPROTO_IPV4); + c = xtables_init_all(&xtables_globals, family); if (c < 0) { fprintf(stderr, "%s/%s Failed to initialize xtables\n", xtables_globals.program_name, |