netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [net PATCH] netfilter: ipset: Fix subcounter update skip
@ 2020-05-14 11:31 Phil Sutter
  2020-05-25 17:04 ` Pablo Neira Ayuso
  0 siblings, 1 reply; 2+ messages in thread
From: Phil Sutter @ 2020-05-14 11:31 UTC (permalink / raw)
  To: Jozsef Kadlecsik; +Cc: netfilter-devel, Pablo Neira Ayuso

If IPSET_FLAG_SKIP_SUBCOUNTER_UPDATE is set, user requested to not
update counters in sub sets. Therefore IPSET_FLAG_SKIP_COUNTER_UPDATE
must be set, not unset.

Fixes: 6e01781d1c80e ("netfilter: ipset: set match: add support to match the counters")
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
 net/netfilter/ipset/ip_set_list_set.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/netfilter/ipset/ip_set_list_set.c b/net/netfilter/ipset/ip_set_list_set.c
index cd747c0962fd6..5a67f79665742 100644
--- a/net/netfilter/ipset/ip_set_list_set.c
+++ b/net/netfilter/ipset/ip_set_list_set.c
@@ -59,7 +59,7 @@ list_set_ktest(struct ip_set *set, const struct sk_buff *skb,
 	/* Don't lookup sub-counters at all */
 	opt->cmdflags &= ~IPSET_FLAG_MATCH_COUNTERS;
 	if (opt->cmdflags & IPSET_FLAG_SKIP_SUBCOUNTER_UPDATE)
-		opt->cmdflags &= ~IPSET_FLAG_SKIP_COUNTER_UPDATE;
+		opt->cmdflags |= IPSET_FLAG_SKIP_COUNTER_UPDATE;
 	list_for_each_entry_rcu(e, &map->members, list) {
 		ret = ip_set_test(e->id, skb, par, opt);
 		if (ret <= 0)
-- 
2.26.2


^ permalink raw reply related	[flat|nested] 2+ messages in thread
* Re: [net PATCH] netfilter: ipset: Fix subcounter update skip
  2020-05-14 11:31 [net PATCH] netfilter: ipset: Fix subcounter update skip Phil Sutter
@ 2020-05-25 17:04 ` Pablo Neira Ayuso
  0 siblings, 0 replies; 2+ messages in thread
From: Pablo Neira Ayuso @ 2020-05-25 17:04 UTC (permalink / raw)
  To: Phil Sutter; +Cc: Jozsef Kadlecsik, netfilter-devel

On Thu, May 14, 2020 at 01:31:21PM +0200, Phil Sutter wrote:
> If IPSET_FLAG_SKIP_SUBCOUNTER_UPDATE is set, user requested to not
> update counters in sub sets. Therefore IPSET_FLAG_SKIP_COUNTER_UPDATE
> must be set, not unset.

Applied, thanks.

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2020-05-25 17:04 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-05-14 11:31 [net PATCH] netfilter: ipset: Fix subcounter update skip Phil Sutter
2020-05-25 17:04 ` Pablo Neira Ayuso

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).