git.ipfire.org Git - thirdparty/iptables.git/commit

]> git.ipfire.org Git - thirdparty/iptables.git/commit

projects / thirdparty / iptables.git / commit

author	Phil Sutter <phil@nwl.cc>
	Fri, 2 Feb 2024 12:14:29 +0000 (13:14 +0100)
committer	Phil Sutter <phil@nwl.cc>
	Fri, 2 Feb 2024 17:26:14 +0000 (18:26 +0100)
commit	4195a89ab2e2bd690ba255e40a5c3d309f031796
tree	29afaaeb5482f454c10044510d4ea2591508000f	tree
parent	9d400db20cf9f1c4a57c0791e563f22bafcd841a	commit \| diff

nft: Do not omit full ranges if inverted

Otherwise this turns a never matching rule into an always matching one.

Fixes: c034cf31dd1a9 ("nft: prefer native expressions instead of udp match")
Signed-off-by: Phil Sutter <phil@nwl.cc>

extensions/libxt_tcp.t		diff \| blob \| blame \| history
extensions/libxt_udp.t		diff \| blob \| blame \| history
iptables/nft.c		diff \| blob \| blame \| history

Mirror of git://git.netfilter.org/iptables

RSS Atom