nft-arp: remove wrong conditions

Removes wrong conditions in flags translating functions
that doesn't permit to delete rule with inverse flags set.

For instance, the following command doesn't remove the rule:
arptables-compat -D INPUT -i ! eth1 -j ACCEPT

Signed-off-by: Giuseppe Longo <giuseppelng@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/iptables/nft-arp.c b/iptables/nft-arp.c
index 8c06243527f0b7b105c4d6573d2687c7e38cadad..6dcc6ee6bed6efde32b23ccf4888f987ae664e66 100644 (file)
--- a/iptables/nft-arp.c
+++ b/iptables/nft-arp.c
@@ -155,9 +155,6 @@ static uint8_t arpt_to_ipt_flags(uint16_t invflags)
        if (invflags & ARPT_INV_ARPPRO)
                result |= IPT_INV_PROTO;
 
-       if (invflags & ARPT_INV_MASK)
-               result |= IPT_INV_MASK;
-
        return result;
 }
 
@@ -257,9 +254,6 @@ static uint16_t ipt_to_arpt_flags(uint8_t invflags)
        if (invflags & IPT_INV_PROTO)
                result |= ARPT_INV_ARPPRO;
 
-       if (invflags & IPT_INV_MASK)
-               result |= ARPT_INV_MASK;
-
        return result;
 }