From: Giuseppe Longo <giuseppelng@gmail.com>
Date: Fri, 8 Aug 2014 23:04:17 +0000 (+0200)
Subject: nft-arp: remove wrong conditions
X-Git-Tag: v1.6.0~87
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=b772c3f24f75e586e406675e4b0b79eabfe3375e;p=thirdparty%2Fiptables.git

nft-arp: remove wrong conditions

Removes wrong conditions in flags translating functions
that doesn't permit to delete rule with inverse flags set.

For instance, the following command doesn't remove the rule:
arptables-compat -D INPUT -i ! eth1 -j ACCEPT

Signed-off-by: Giuseppe Longo <giuseppelng@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---

diff --git a/iptables/nft-arp.c b/iptables/nft-arp.c
index 8c062435..6dcc6ee6 100644
--- a/iptables/nft-arp.c
+++ b/iptables/nft-arp.c
@@ -155,9 +155,6 @@ static uint8_t arpt_to_ipt_flags(uint16_t invflags)
 	if (invflags & ARPT_INV_ARPPRO)
 		result |= IPT_INV_PROTO;
 
-	if (invflags & ARPT_INV_MASK)
-		result |= IPT_INV_MASK;
-
 	return result;
 }
 
@@ -257,9 +254,6 @@ static uint16_t ipt_to_arpt_flags(uint8_t invflags)
 	if (invflags & IPT_INV_PROTO)
 		result |= ARPT_INV_ARPPRO;
 
-	if (invflags & IPT_INV_MASK)
-		result |= ARPT_INV_MASK;
-
 	return result;
 }