Remove artifical restriction of netmask values for hash:ip type.

Reported by Quentin Armitage, closes netfilter bugzilla id #844.

diff --git a/lib/parse.c b/lib/parse.c
index 6df8f2067b1530a2d6602e2039918dd76d457db3..ce3548d369f1eef901b121f15c03bdc2cb7476ad 100644 (file)
--- a/lib/parse.c
+++ b/lib/parse.c
@@ -1591,16 +1591,14 @@ ipset_parse_netmask(struct ipset_session *session,
                ipset_data_set(data, IPSET_OPT_FAMILY, &family);
        }
 
-       err = string_to_cidr(session, str,
-                            family == NFPROTO_IPV4 ? 1 : 4,
-                            family == NFPROTO_IPV4 ? 31 : 124,
+       err = string_to_cidr(session, str, 1,
+                            family == NFPROTO_IPV4 ? 32 : 128,
                             &cidr);
 
        if (err)
                return syntax_err("netmask is out of the inclusive range "
-                                 "of %u-%u",
-                                 family == NFPROTO_IPV4 ? 1 : 4,
-                                 family == NFPROTO_IPV4 ? 31 : 124);
+                                 "of 1-%u",
+                                 family == NFPROTO_IPV4 ? 32 : 128);
 
        return ipset_data_set(data, opt, &cidr);
 }