diff options
author | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2013-02-21 14:12:40 +0400 |
---|---|---|
committer | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2013-02-21 20:35:43 +0400 |
commit | dd82088dab3646ed28e4aa43d1a5b5d5ffc2afba (patch) | |
tree | d3bec9cf01872af153eac970a2a75ca86fa56fba /net | |
parent | cf1c4a094f46ace5bf00078e2db73491ddf018fe (diff) | |
download | linux-dd82088dab3646ed28e4aa43d1a5b5d5ffc2afba.tar.xz |
netfilter: ipset: "Directory not empty" error message
When an entry flagged with "nomatch" was tested by ipset, it
returned the error message "Kernel error received:
Directory not empty" instead of "<element> is NOT in set <setname>"
(reported by John Brendler).
The internal error code was not properly transformed before returning
to userspace, fixed.
Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Diffstat (limited to 'net')
-rw-r--r-- | net/netfilter/ipset/ip_set_core.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/net/netfilter/ipset/ip_set_core.c b/net/netfilter/ipset/ip_set_core.c index 6d6d8f2b033e..38ca630eeeb8 100644 --- a/net/netfilter/ipset/ip_set_core.c +++ b/net/netfilter/ipset/ip_set_core.c @@ -1470,7 +1470,8 @@ ip_set_utest(struct sock *ctnl, struct sk_buff *skb, if (ret == -EAGAIN) ret = 1; - return ret < 0 ? ret : ret > 0 ? 0 : -IPSET_ERR_EXIST; + return (ret < 0 && ret != -ENOTEMPTY) ? ret : + ret > 0 ? 0 : -IPSET_ERR_EXIST; } /* Get headed data of a set */ |