IP SET target iptables fix
Michal Pokrywka
mpokrywka at hoga.pl
Thu Mar 17 15:16:53 CET 2005
Hello,
The current iptables target needs to test for IP_SET_INVALID_ID when
printing or saving rules from the kernel; currently it errors with "iptables v1.3.1:
Set id 65535 in kernel doesn't exist."
The patch below fixes this problem:
diff -Nru iptables-1.3.1.orig/extensions/libipt_SET.c iptables-1.3.1/extensions/libipt_SET.c
--- iptables-1.3.1.orig/extensions/libipt_SET.c 2005-03-17 14:16:26.005537000 +0100
+++ iptables-1.3.1/extensions/libipt_SET.c 2005-03-17 14:18:43.055537000 +0100
@@ -121,6 +121,8 @@
int i;
char setname[IP_SET_MAXNAMELEN];
+ if (info->index == IP_SET_INVALID_ID)
+ return;
get_set_byid(setname, info->index);
printf("%s %s", prefix, setname);
for (i = 0; i < IP_SET_MAX_BINDINGS; i++) {
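Review bot: The early return added ahead of get_set_byid(setname, info->index) has no comment saying why IP_SET_INVALID_ID is an expected value at this point rather than a corrupt rule, so a later reader cannot tell whether silently printing nothing is intended. Please add a one-line comment above the check stating what an invalid index means for this target, and leave a blank line between the declarations and the new if so the guard stands out. Because the return happens before printf("%s %s", prefix, setname), nothing at all is emitted for that entry; it is worth confirming in the commit message that this is the wanted behaviour for both the print and the save paths, since both are named in the report.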