Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 20 Aug 2007 11:59:06 +0200
From: Stanislav <>
Subject: address inversion of  conntrack match


OWL uses iptables 1.2.11 and i came
into that place where my iptables rules
shows an inversion bug in iptables-save,

The fix of the address inversion of
conntrack match	comes from Tom Eastep.
And was merged into iptables 1.3.4.

--- iptables-1.3.3/extensions/libipt_conntrack.c~	2005-02-19  
11:19:17.000000000 -0800
+++ iptables-1.3.3/extensions/libipt_conntrack.c	2005-09-14  
14:58:12.000000000 -0700
@@ -414,8 +414,8 @@
  	char buf[BUFSIZ];

-        if (inv)
-               	fputc('!', stdout);
+        if (inv)
+               	printf("! ");

  	if (mask->s_addr == 0L && !numeric)
  		printf("%s ", "anywhere");



To unsubscribe, e-mail and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.