e = (struct ipt_entry *)(loc_cpu_entry + off);
if (copy_to_user(userptr + off
-@@ -1000,6 +1040,14 @@ copy_entries_to_user(unsigned int total_
- ret = -EFAULT;
+@@ -1001,6 +1041,14 @@ copy_entries_to_user(unsigned int total_
goto free_counters;
}
-+
+
+ flags = e->ip.flags & ~IPT_F_NO_DEF_MATCH;
+ if (copy_to_user(userptr + off
+ + offsetof(struct ipt_entry, ip.flags),
+ ret = -EFAULT;
+ goto free_counters;
+ }
-
++
for (i = sizeof(struct ipt_entry);
i < e->target_offset;
+ i += m->u.match_size) {