diff options
author | Phil Sutter <phil@nwl.cc> | 2020-11-14 15:22:09 +0100 |
---|---|---|
committer | Phil Sutter <phil@nwl.cc> | 2021-10-20 11:32:54 +0200 |
commit | 142cf72442760ae8fc377bbfb54a913baf84742e (patch) | |
tree | d213e4ee77c9abc03397b1c21c4e25d467570cff | |
parent | ab0a785a72a6be0d4a37e3492069a8719418cfbc (diff) |
xtables: arptables accepts empty interface names
The empty string passed as interface name is simply ignored by legacy
arptables. Make the new common parser print a warning but accept it.
Calling xtables_parse_interface() with an empty string is safe.
Signed-off-by: Phil Sutter <phil@nwl.cc>
-rw-r--r-- | iptables/xtables.c | 23 |
1 files changed, 15 insertions, 8 deletions
diff --git a/iptables/xtables.c b/iptables/xtables.c index dc67affc..075506f0 100644 --- a/iptables/xtables.c +++ b/iptables/xtables.c @@ -260,6 +260,19 @@ list_rules(struct nft_handle *h, const char *chain, const char *table, return nft_cmd_rule_list_save(h, chain, table, rulenum, counters); } +static void check_empty_interface(struct nft_handle *h, const char *arg) +{ + const char *msg = "Empty interface is likely to be undesired"; + + if (*arg != '\0') + return; + + if (h->family != NFPROTO_ARP) + xtables_error(PARAMETER_PROBLEM, msg); + + fprintf(stderr, "%s", msg); +} + void do_parse(struct nft_handle *h, int argc, char *argv[], struct nft_xt_cmd_parse *p, struct iptables_command_state *cs, struct xtables_args *args) @@ -493,10 +506,7 @@ void do_parse(struct nft_handle *h, int argc, char *argv[], case 'i': - if (*optarg == '\0') - xtables_error(PARAMETER_PROBLEM, - "Empty interface is likely to be " - "undesired"); + check_empty_interface(h, optarg); set_option(&cs->options, OPT_VIANAMEIN, &args->invflags, invert); xtables_parse_interface(optarg, @@ -505,10 +515,7 @@ void do_parse(struct nft_handle *h, int argc, char *argv[], break; case 'o': - if (*optarg == '\0') - xtables_error(PARAMETER_PROBLEM, - "Empty interface is likely to be " - "undesired"); + check_empty_interface(h, optarg); set_option(&cs->options, OPT_VIANAMEOUT, &args->invflags, invert); xtables_parse_interface(optarg, |