libip6t_hbh: restore setting IP6T_OPTS_LEN flag

Bug origin is in commit v1.4.11~26^2~17.

Signed-off-by: Jan Engelhardt <jengelh@medozas.de>

diff --git a/extensions/libip6t_hbh.c b/extensions/libip6t_hbh.c
index 809e80d5ec8e7ae666ecc2045fdbea29986b0d3d..c0389ed8bafdedd8e641067209e6e1a59893051f 100644 (file)
--- a/extensions/libip6t_hbh.c
+++ b/extensions/libip6t_hbh.c
@@ -108,6 +108,7 @@ static void hbh_parse(struct xt_option_call *cb)
        case O_HBH_LEN:
                if (cb->invert)
                        optinfo->invflags |= IP6T_OPTS_INV_LEN;
+               optinfo->flags |= IP6T_OPTS_LEN;
                break;
        case O_HBH_OPTS:
                optinfo->optsnr = parse_options(cb->arg, optinfo->opts);

diff --git a/tests/options-most.rules b/tests/options-most.rules
index 6839d89b5784513a7c84f4cbd6e294c28e6c4267..120909117812b45b116f45f0600a955bdfebe48f 100644 (file)
--- a/tests/options-most.rules
+++ b/tests/options-most.rules
@@ -94,6 +94,8 @@
 -A matches -m hashlimit --hashlimit-upto 1/hour --hashlimit-burst 1 --hashlimit-name mini3
 -A matches -m hashlimit --hashlimit-upto 1/day --hashlimit-burst 1 --hashlimit-name mini4
 -A matches
+-A matches -m hbh ! --hbh-len 5
+-A matches
 -A matches -m ipvs --vaddr fe80::/64 --vport 1 --vdir REPLY --vmethod GATE --vportctl 21
 -A matches
 -A matches -m length --length 1