libxt_recent: do allow --rttl for --update
Tony Ho noticed a too-strict check in xt_recent, so here is a fix.
Reported-by: Tony Ho <iptables@iblink.com.cn>
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
diff --git a/extensions/libipt_recent.c b/extensions/libipt_recent.c
index 94f246a..7281fe5 100644
--- a/extensions/libipt_recent.c
+++ b/extensions/libipt_recent.c
@@ -165,7 +165,7 @@
"recent: you must specify one of `--set', `--rcheck' "
"`--update' or `--remove'");
if ((flags & IPT_RECENT_TTL) &&
- (flags & (IPT_RECENT_SET | IPT_RECENT_REMOVE | IPT_RECENT_UPDATE)))
+ (flags & (IPT_RECENT_SET | IPT_RECENT_REMOVE)))
exit_error(PARAMETER_PROBLEM,
"recent: --rttl may only be used with --rcheck or "
"--update");
diff --git a/extensions/libipt_recent.man b/extensions/libipt_recent.man
index 02432ba..d5bdaa0 100644
--- a/extensions/libipt_recent.man
+++ b/extensions/libipt_recent.man
@@ -50,7 +50,7 @@
number of hits within a specific time frame.
.TP
\fB--rttl\fR
-This option must be used in conjunction with one of \fB--rcheck\fR or
+This option may only be used in conjunction with one of \fB--rcheck\fR or
\fB--update\fR. When used, this will narrow the match to only happen
when the address is in the list and the TTL of the current packet
matches that of the packet which hit the \fB--set\fR rule. This may be