From 60d6f956a24a242ab7b8fcf0ea22befd962e0493 Mon Sep 17 00:00:00 2001
From: Dmitry Vyukov <dvyukov@google.com>
Date: Fri, 23 Mar 2018 13:41:56 +0100
Subject: executor: fix reset of bridge netfilter

We left entries non-zero, so memcmp always failed.
---
 executor/common_linux.h | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'executor/common_linux.h')

diff --git a/executor/common_linux.h b/executor/common_linux.h
index fcc5df52a..a80cb8dc5 100644
--- a/executor/common_linux.h
+++ b/executor/common_linux.h
@@ -1483,6 +1483,7 @@ static void reset_ebtables()
 		if (getsockopt(fd, SOL_IP, EBT_SO_GET_INFO, &replace, &optlen))
 			fail("getsockopt(EBT_SO_GET_INFO)");
 		replace.num_counters = 0;
+		table->replace.entries = 0;
 		for (h = 0; h < NF_BR_NUMHOOKS; h++)
 			table->replace.hook_entry[h] = 0;
 		if (memcmp(&table->replace, &replace, sizeof(table->replace)) == 0) {
@@ -1502,6 +1503,7 @@ static void reset_ebtables()
 				j++;
 			}
 		}
+		table->replace.entries = table->entrytable;
 		optlen = sizeof(table->replace) + table->replace.entries_size;
 		if (setsockopt(fd, SOL_IP, EBT_SO_SET_ENTRIES, &table->replace, optlen))
 			fail("setsockopt(EBT_SO_SET_ENTRIES)");
-- 
cgit mrf-deployment