diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2013-08-20 20:24:26 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2013-12-30 23:50:44 +0100 |
commit | eb4b65c49994e44e6ad617fe3f60c063d0c331c4 (patch) | |
tree | 178a99c4a55c746d4badbaf93df35a43f500dd52 /libipq | |
parent | cdc78b1d6bd7b48ec05d78fc6e6cd98473f40357 (diff) |
nft: fix wrong flags handling in print_firewall_details
Unfortunately, IPT_F_* and IP6T_F_* don't overlap, therefore, we have
to add an specific function to print the fragment flag, otherwise
xtables -6 misinterprets the protocol flag, ie.
Chain INPUT (policy ACCEPT)
tcp -f ::/0 ::/0
Note that -f should not show up. This problem was likely added with
the IPv6 support for the compatibility layer.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'libipq')
0 files changed, 0 insertions, 0 deletions