diff mbox

[nf-next] netfilter: nft_meta: set skb->nf_trace appropriately

Message ID 1465388410-23879-1-git-send-email-zlpnobody@163.com
State Accepted
Delegated to: Pablo Neira
Headers show

Commit Message

Liping Zhang June 8, 2016, 12:20 p.m. UTC 
From: Liping Zhang <liping.zhang@spreadtrum.com>

When user add a nft rule to set nftrace to zero, for example:
  # nft add rule ip filter input nftrace set 0

We should set nf_trace to zero also.

Signed-off-by: Liping Zhang <liping.zhang@spreadtrum.com>
---
 net/netfilter/nft_meta.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Pablo Neira Ayuso June 23, 2016, 11:07 a.m. UTC | #1 
On Wed, Jun 08, 2016 at 08:20:10PM +0800, Liping Zhang wrote:
> From: Liping Zhang <liping.zhang@spreadtrum.com>
> 
> When user add a nft rule to set nftrace to zero, for example:
>   # nft add rule ip filter input nftrace set 0
> 
> We should set nf_trace to zero also.

This is indeed fixing something broken, so I'm applying this to nf.

Thanks.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
diff mbox

Patch

diff --git a/net/netfilter/nft_meta.c b/net/netfilter/nft_meta.c
index 16c50b0..f4bad9d 100644
--- a/net/netfilter/nft_meta.c
+++ b/net/netfilter/nft_meta.c
@@ -227,7 +227,7 @@  void nft_meta_set_eval(const struct nft_expr *expr,
 			skb->pkt_type = value;
 		break;
 	case NFT_META_NFTRACE:
-		skb->nf_trace = 1;
+		skb->nf_trace = !!value;
 		break;
 	default:
 		WARN_ON(1);