extensions: devgroup: fix showing and saving of dst-group

Closes bugzilla: https://bugzilla.netfilter.org/show_bug.cgi?id=985

The --dst-group parameter in devgroup extensions lists and saves
incorrectly its value. --dst-group always shows "0x0/0x0".

This is an example:

 # iptables -I FORWARD -m devgroup --dst-group 200 -j ACCEPT

 # iptables -L FORWARD
 Chain FORWARD (policy ACCEPT)
 target     prot opt source               destination
 ACCEPT     all  --  anywhere             anywhere     src-group 0x64 dst-group 0x0/0x0

 # iptables -S FORWARD
 -P FORWARD ACCEPT
 -A FORWARD -m devgroup --dst-group 0x0/0x0 -j ACCEPT

Reporte-by: Axinchan <axinchan@cnrouter.com>
Signed-off-by: Ana Rey <anarey@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/extensions/libxt_devgroup.c b/extensions/libxt_devgroup.c
index fb1fcb51c1bb2ff109da509ba90ec561fda4b41c..1a5262730e50d7e1d1d59724c71ecc16e5aba83e 100644 (file)
--- a/extensions/libxt_devgroup.c
+++ b/extensions/libxt_devgroup.c
@@ -124,7 +124,7 @@ static void devgroup_show(const char *pfx, const struct xt_devgroup_info *info,
                if (info->flags & XT_DEVGROUP_INVERT_DST)
                        printf(" !");
                printf(" %sdst-group ", pfx);
-               print_devgroup(info->src_group, info->src_mask, numeric);
+               print_devgroup(info->dst_group, info->dst_mask, numeric);
        }
 }