From e31564fbc016531bac8c96ccc45c7b8b38aeae00 Mon Sep 17 00:00:00 2001
From: Florian Westphal <fw@strlen.de>
Date: Mon, 5 Nov 2018 17:01:36 +0100
Subject: arptables: fix rule deletion/compare

arptables -D fails most of the time, as we compared
source mask with target mask.

Signed-off-by: Florian Westphal <fw@strlen.de>
---
 iptables/nft-arp.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'iptables/nft-arp.c')

diff --git a/iptables/nft-arp.c b/iptables/nft-arp.c
index f9352297..675f0eb9 100644
--- a/iptables/nft-arp.c
+++ b/iptables/nft-arp.c
@@ -637,7 +637,8 @@ static bool nft_arp_is_same(const void *data_a,
 
 	if (a->arp.src.s_addr != b->arp.src.s_addr
 	    || a->arp.tgt.s_addr != b->arp.tgt.s_addr
-	    || a->arp.smsk.s_addr != b->arp.tmsk.s_addr
+	    || a->arp.smsk.s_addr != b->arp.smsk.s_addr
+	    || a->arp.tmsk.s_addr != b->arp.tmsk.s_addr
 	    || a->arp.arpro != b->arp.arpro
 	    || a->arp.flags != b->arp.flags
 	    || a->arp.invflags != b->arp.invflags) {
-- 
cgit v1.2.3