From 7085edaa788877805504a2167168b283b0ebca01 Mon Sep 17 00:00:00 2001
From: Daniel Wagner <daniel.wagner@bmw-carit.de>
Date: Mon, 13 Feb 2012 15:51:38 +0100
Subject: [PATCH] iptables: Mask address when parsing ip/prefixlen

Netfilter likes to have the address properly masked.
---
 src/iptables.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/iptables.c b/src/iptables.c
index 80f63ec..7c62ec3 100644
--- a/src/iptables.c
+++ b/src/iptables.c
@@ -1498,6 +1498,7 @@ static int parse_ip_and_mask(const char *str, struct in_addr *ip, struct in_addr
 	}
 
 	mask->s_addr = htonl(tmp);
+	ip->s_addr = ip->s_addr & mask->s_addr;
 	err = 0;
 out:
 	g_strfreev(tokens);
-- 
2.7.4