forecast: Compare the complete rules when deleting them
authorTobias Brunner <tobias@strongswan.org>
Wed, 9 Mar 2016 11:10:12 +0000 (12:10 +0100)
committerTobias Brunner <tobias@strongswan.org>
Thu, 10 Mar 2016 16:26:38 +0000 (17:26 +0100)
Same as the change in the connmark plugin.

References #1229.

src/libcharon/plugins/forecast/forecast_listener.c

index 7e93617..8f7f260 100644 (file)
@@ -160,7 +160,10 @@ static bool manage_rule(struct iptc_handle *ipth, const char *chain,
        }
        else
        {
-               if (!iptc_delete_entry(chain, e, "", ipth))
+               u_char matchmask[e->next_offset];
+
+               memset(matchmask, 255, sizeof(matchmask));
+               if (!iptc_delete_entry(chain, e, matchmask, ipth))
                {
                        DBG1(DBG_CFG, "deleting %s rule failed: %s",
                                 chain, iptc_strerror(errno));