From 56859380eb3282218863d827b7df822c7b0fd67c Mon Sep 17 00:00:00 2001
From: Florian Westphal <fw@strlen.de>
Date: Sat, 5 May 2018 19:34:57 +0200
Subject: xtables-compat: avoid unneeded bitwise ops

no need to and with all-ones mask.

Signed-off-by: Florian Westphal <fw@strlen.de>
---
 iptables/nft-shared.c | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

(limited to 'iptables/nft-shared.c')

diff --git a/iptables/nft-shared.c b/iptables/nft-shared.c
index e2fc226c..740b61bb 100644
--- a/iptables/nft-shared.c
+++ b/iptables/nft-shared.c
@@ -160,8 +160,18 @@ void add_outiface(struct nftnl_rule *r, char *iface, uint32_t op)
 void add_addr(struct nftnl_rule *r, int offset,
 	      void *data, void *mask, size_t len, uint32_t op)
 {
+	const char *m = mask;
+	int i;
+
 	add_payload(r, offset, len, NFT_PAYLOAD_NETWORK_HEADER);
-	add_bitwise(r, mask, len);
+
+	for (i = 0; i < len; i++) {
+		if (m[i] != 0xff)
+			break;
+	}
+
+	if (i != len)
+		add_bitwise(r, mask, len);
 
 	add_cmp_ptr(r, op, data, len);
 }
-- 
cgit v1.2.3