netlink_linearize: finish reject support

This patch finishes the reject support.

Reported-by: Jiri Benc <jbenc@redhat.com>
Tested-by: Jiri Benc <jbenc@redhat.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/src/netlink_linearize.c b/src/netlink_linearize.c
index fd91155bd9da47fc2a6ce1324fc9ef0284fd6dca..da8be202350a5411205ea0ec5796685b9333d38c 100644 (file)
--- a/src/netlink_linearize.c
+++ b/src/netlink_linearize.c
@@ -561,7 +561,9 @@ static void netlink_gen_reject_stmt(struct netlink_linearize_ctx *ctx,
 {
        struct nft_rule_expr *nle;
 
-       nle = alloc_nft_expr(NULL);
+       nle = alloc_nft_expr("reject");
+       nft_rule_expr_set_u32(nle, NFT_EXPR_REJECT_TYPE, stmt->reject.type);
+       nft_rule_expr_set_u8(nle, NFT_EXPR_REJECT_CODE, 0);
        nft_rule_add_expr(ctx->nlr, nle);
 }