evaluate: incorrect usage of stmt_binary_error() in reject

Don't pass ctx->pctx.protocol[PROTO_BASE_LL_HDR] to stmt_binary_error(),
it's not useful for the error reporting as location is not available.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/src/evaluate.c b/src/evaluate.c
index 030bbde4ab2c9cab7622e8f89c85b2db4b474222..782a5bca98bb77f43ac284678deddfe5b167c639 100644 (file)
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -2729,9 +2729,8 @@ static int stmt_evaluate_reject_bridge(struct eval_ctx *ctx, struct stmt *stmt,
 
        desc = ctx->pctx.protocol[PROTO_BASE_LL_HDR].desc;
        if (desc != &proto_eth && desc != &proto_vlan && desc != &proto_netdev)
-               return stmt_binary_error(ctx,
-                                        &ctx->pctx.protocol[PROTO_BASE_LL_HDR],
-                                        stmt, "unsupported link layer protocol");
+               return __stmt_binary_error(ctx, &stmt->location, NULL,
+                                          "cannot reject from this link layer protocol");
 
        desc = ctx->pctx.protocol[PROTO_BASE_NETWORK_HDR].desc;
        if (desc != NULL &&