summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2014-09-11 15:17:17 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2014-09-12 09:57:05 +0200
commitae355b89e7b74c28de753bf2878a8e189030ad47 (patch)
tree5277add31f34f90d17f5002675ee11feeda9350a /src
parentc09cb090bbf4eab167441a30ca6aabf7ef5b527b (diff)
log: netlink_linearize: don't set level if user didn't specify
The kernel will default on LOG_WARNING, to mimic iptables behaviour. Reported-by: Ana Rey <anarey@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
-rw-r--r--src/netlink_linearize.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/src/netlink_linearize.c b/src/netlink_linearize.c
index 5eecd791..17375a5b 100644
--- a/src/netlink_linearize.c
+++ b/src/netlink_linearize.c
@@ -586,7 +586,10 @@ static void netlink_gen_log_stmt(struct netlink_linearize_ctx *ctx,
nft_rule_expr_set_u16(nle, NFT_EXPR_LOG_QTHRESHOLD,
stmt->log.qthreshold);
} else {
- nft_rule_expr_set_u32(nle, NFT_EXPR_LOG_LEVEL, stmt->log.level);
+ if (stmt->log.flags & STMT_LOG_LEVEL) {
+ nft_rule_expr_set_u32(nle, NFT_EXPR_LOG_LEVEL,
+ stmt->log.level);
+ }
}
nft_rule_add_expr(ctx->nlr, nle);
}