diff options
author | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2013-02-21 11:12:40 +0100 |
---|---|---|
committer | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2013-02-21 17:35:43 +0100 |
commit | dd82088dab3646ed28e4aa43d1a5b5d5ffc2afba (patch) | |
tree | d3bec9cf01872af153eac970a2a75ca86fa56fba | |
parent | netfilter: ipset: timeout values corrupted on set resize (diff) | |
download | linux-dd82088dab3646ed28e4aa43d1a5b5d5ffc2afba.tar.xz linux-dd82088dab3646ed28e4aa43d1a5b5d5ffc2afba.zip |
netfilter: ipset: "Directory not empty" error message
When an entry flagged with "nomatch" was tested by ipset, it
returned the error message "Kernel error received:
Directory not empty" instead of "<element> is NOT in set <setname>"
(reported by John Brendler).
The internal error code was not properly transformed before returning
to userspace, fixed.
Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
-rw-r--r-- | net/netfilter/ipset/ip_set_core.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/net/netfilter/ipset/ip_set_core.c b/net/netfilter/ipset/ip_set_core.c index 6d6d8f2b033e..38ca630eeeb8 100644 --- a/net/netfilter/ipset/ip_set_core.c +++ b/net/netfilter/ipset/ip_set_core.c @@ -1470,7 +1470,8 @@ ip_set_utest(struct sock *ctnl, struct sk_buff *skb, if (ret == -EAGAIN) ret = 1; - return ret < 0 ? ret : ret > 0 ? 0 : -IPSET_ERR_EXIST; + return (ret < 0 && ret != -ENOTEMPTY) ? ret : + ret > 0 ? 0 : -IPSET_ERR_EXIST; } /* Get headed data of a set */ |