From ae355b89e7b74c28de753bf2878a8e189030ad47 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Thu, 11 Sep 2014 15:17:17 +0200
Subject: log: netlink_linearize: don't set level if user didn't specify

The kernel will default on LOG_WARNING, to mimic iptables behaviour.

Reported-by: Ana Rey <anarey@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/netlink_linearize.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/netlink_linearize.c b/src/netlink_linearize.c
index 5eecd791..17375a5b 100644
--- a/src/netlink_linearize.c
+++ b/src/netlink_linearize.c
@@ -586,7 +586,10 @@ static void netlink_gen_log_stmt(struct netlink_linearize_ctx *ctx,
 			nft_rule_expr_set_u16(nle, NFT_EXPR_LOG_QTHRESHOLD,
 					      stmt->log.qthreshold);
 	} else {
-		nft_rule_expr_set_u32(nle, NFT_EXPR_LOG_LEVEL, stmt->log.level);
+		if (stmt->log.flags & STMT_LOG_LEVEL) {
+			nft_rule_expr_set_u32(nle, NFT_EXPR_LOG_LEVEL,
+					      stmt->log.level);
+		}
 	}
 	nft_rule_add_expr(ctx->nlr, nle);
 }
-- 
cgit v1.2.3