From 08e2e3dc02b61260ec27ef3df19e5542d1ae5faa Mon Sep 17 00:00:00 2001
From: r-caamano <robert.caamano@netfoundry.io>
Date: Fri, 16 Aug 2024 09:50:40 +0000
Subject: [PATCH] Fixed incorrrect rule count max check for IPv6 rules

---
 CHANGELOG.md | 2 ++
 src/zfw.c    | 3 ++-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index ff3b805..3b6efd0 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,8 @@ All notable changes to this project will be documented in this file. The format
 - Added Outbound tracking for IPv4 and IPv6 ICMP Echo
 - Added Masquerade for passthrough icmp echos.
 - Fixed an issue where both the packages and Makefile were limiting egress rule entries to 100 instead of 100000.
+- Fixed issue where incorrect count check was being performed on insert for ipv6 rules to verify if they had reached
+  BPF_MAX_ENTRIES.
   
 ###
 # [0.8.12] - 2024-08-07
diff --git a/src/zfw.c b/src/zfw.c
index 8373d1f..1a4bd1c 100644
--- a/src/zfw.c
+++ b/src/zfw.c
@@ -311,6 +311,7 @@ void open_range_map();
 void if_list_ext_delete_key(struct port_extension_key key);
 bool interface_map();
 void interface_map6();
+int get_key_count6();
 void close_maps(int code);
 void if_delete_key(uint32_t key);
 void if6_delete_key(uint32_t key);
@@ -3641,7 +3642,7 @@ void map_insert6()
         printf("INSERT FAILURE -- INVALID PORT RANGE: low_port(%u) > high_port(%u)\n", low_port, high_port);
         close_maps(1);
     }
-    if (get_key_count() == BPF_MAX_ENTRIES)
+    if (get_key_count6() == BPF_MAX_ENTRIES)
     {
         printf("INSERT FAILURE -- MAX PREFIX TUPLES REACHED\n");
         close_maps(1);