"...0d0cea2424ae97b27447dc64a7dbfae83c036c45b403392f0e8ba.png" did not exist on "1b4bf461f05d56ced6d6b8f3b4831adc7076f565"
netfilter: ipset: allow a 0 netmask with hash_netiface type
Jozsef says: The correct behaviour is that if we have ipset create test1 hash:net,iface ipset add test1 0.0.0.0/0,eth0 iptables -A INPUT -m set --match-set test1 src,src then the rule should match for any traffic coming in through eth0. This removes the -EINVAL runtime test to make matching work in case packet arrived via the specified interface. Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1297092 Signed-off-by:Florian Westphal <fw@strlen.de> Acked-by:
Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> Signed-off-by:
Pablo Neira Ayuso <pablo@netfilter.org>
Loading
Please register or sign in to comment