diff options
author | Fernando Fernandez Mancera <ffmancera@riseup.net> | 2019-09-09 21:52:47 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-09-10 21:59:23 +0200 |
commit | 805969ec63f22303d89a25dd8aa23d54dc65bf73 (patch) | |
tree | d82724a4d7097da391e8c1a165dca2c0a49cee06 /src | |
parent | 860671662d3f7aeec156932aff648e04f0e2ec92 (diff) |
netlink_delinearize: fix wrong conversion to "list" in ct mark
We only prefer "list" representation in "ct event". For any other type of "ct"
use the "or" representation so nft prints "ct mark set ct mark | 0x00000001"
instead of "ct mark set ct mark,0x00000001".
Link: https://bugzilla.netfilter.org/show_bug.cgi?id=1364
Fixes: cb8f81ac3079 ("netlink_delinearize: prefer ct event set foo,bar over 'set foo|bar'")
Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
-rw-r--r-- | src/netlink_delinearize.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c index fc2574b1..f7d328a8 100644 --- a/src/netlink_delinearize.c +++ b/src/netlink_delinearize.c @@ -2550,7 +2550,8 @@ static void rule_parse_postprocess(struct netlink_parse_ctx *ctx, struct rule *r if (stmt->ct.expr != NULL) { expr_postprocess(&rctx, &stmt->ct.expr); - if (stmt->ct.expr->etype == EXPR_BINOP) + if (stmt->ct.expr->etype == EXPR_BINOP && + stmt->ct.key == NFT_CT_EVENTMASK) stmt->ct.expr = binop_tree_to_list(NULL, stmt->ct.expr); } |