extensions: devgroup: fix showing and saving of dst-group

Message ID	1414686386-7681-1-git-send-email-anarey@gmail.com
State	Accepted
Delegated to:	Pablo Neira
Headers	show Return-Path: <netfilter-devel-owner@vger.kernel.org> From: Ana Rey <anarey@gmail.com> To: netfilter-devel@vger.kernel.org Cc: axinchan@cnrouter.com, Ana Rey <anarey@gmail.com> Subject: [PATCH] extensions: devgroup: fix showing and saving of dst-group Date: Thu, 30 Oct 2014 17:26:26 +0100 Message-Id: <1414686386-7681-1-git-send-email-anarey@gmail.com> Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk

Message ID

1414686386-7681-1-git-send-email-anarey@gmail.com

State

Accepted

Delegated to:

Pablo Neira

Headers

From: Ana Rey <anarey@gmail.com>
To: netfilter-devel@vger.kernel.org
Cc: axinchan@cnrouter.com, Ana Rey <anarey@gmail.com>
Subject: [PATCH] extensions: devgroup: fix showing and saving of dst-group
Date: Thu, 30 Oct 2014 17:26:26 +0100
Message-Id: <1414686386-7681-1-git-send-email-anarey@gmail.com>
Sender: netfilter-devel-owner@vger.kernel.org
Precedence: bulk

Commit Message

Ana Rey Oct. 30, 2014, 4:26 p.m. UTC

Closes bugzilla: https://bugzilla.netfilter.org/show_bug.cgi?id=985

The --dst-group parameter in devgroup extensions lists and saves
incorrectly its value. --dst-group always shows "0x0/0x0".

This is an example:

 # iptables -I FORWARD -m devgroup --dst-group 200 -j ACCEPT

 # iptables -L FORWARD
 Chain FORWARD (policy ACCEPT)
 target     prot opt source               destination
 ACCEPT     all  --  anywhere             anywhere     src-group 0x64 dst-group 0x0/0x0

 # iptables -S FORWARD
 -P FORWARD ACCEPT
 -A FORWARD -m devgroup --dst-group 0x0/0x0 -j ACCEPT

Reporte-by: Axinchan <axinchan@cnrouter.com>
Signed-off-by: Ana Rey <anarey@gmail.com>
---
 extensions/libxt_devgroup.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Pablo Neira Ayuso Nov. 4, 2014, 1:41 p.m. UTC | #1

On Thu, Oct 30, 2014 at 05:26:26PM +0100, Ana Rey wrote:
> Closes bugzilla: https://bugzilla.netfilter.org/show_bug.cgi?id=985
> 
> The --dst-group parameter in devgroup extensions lists and saves
> incorrectly its value. --dst-group always shows "0x0/0x0".
> 
> This is an example:
> 
>  # iptables -I FORWARD -m devgroup --dst-group 200 -j ACCEPT
> 
>  # iptables -L FORWARD
>  Chain FORWARD (policy ACCEPT)
>  target     prot opt source               destination
>  ACCEPT     all  --  anywhere             anywhere     src-group 0x64 dst-group 0x0/0x0
> 
>  # iptables -S FORWARD
>  -P FORWARD ACCEPT
>  -A FORWARD -m devgroup --dst-group 0x0/0x0 -j ACCEPT

Applied, thanks Ana.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

diff --git a/extensions/libxt_devgroup.c b/extensions/libxt_devgroup.c
index fb1fcb5..1a52627 100644
--- a/extensions/libxt_devgroup.c
+++ b/extensions/libxt_devgroup.c
@@ -124,7 +124,7 @@  static void devgroup_show(const char *pfx, const struct xt_devgroup_info *info,
 		if (info->flags & XT_DEVGROUP_INVERT_DST)
 			printf(" !");
 		printf(" %sdst-group ", pfx);
-		print_devgroup(info->src_group, info->src_mask, numeric);
+		print_devgroup(info->dst_group, info->dst_mask, numeric);
 	}
 }

extensions: devgroup: fix showing and saving of dst-group

Commit Message

Comments

Patch