diff options
author | Phil Sutter <phil@nwl.cc> | 2017-03-08 16:43:25 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-03-08 16:46:24 +0100 |
commit | 82dacbb88e2433e49e14a86d637cfdefa8f79415 (patch) | |
tree | 119d0a9f6f061d9f45b89713415f618b8f25811b /etc | |
parent | 9f972f4523339df45f0ae9409a3c897998f82fcc (diff) |
xtables-translate: Avoid querying the kernel
This originally came up when accidentally calling iptables-translate as
unprivileged user - nft_compatible_revision() then fails every time,
making the translator fall back to using revision 0 only which often
leads to failed translations (due to missing xlate callback).
The bottom line is there is no need to check what revision of a given
iptables match the kernel supports when it is only to be translated into
an nftables equivalent. So just assign a dummy callback returning good
for any revision being asked for.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'etc')
0 files changed, 0 insertions, 0 deletions