path: root/iptables/nft-shared.h
diff options
authorPablo Neira Ayuso <>2014-10-09 15:02:02 +0200
committerPablo Neira Ayuso <>2014-11-24 11:35:33 +0100
commitda871de2a6efb576b6378a66222c0871f4282e96 (patch)
treea700e6ff93143a9a4a863e0e1cf2df8fc2cc5d41 /iptables/nft-shared.h
parentd87b76cfc3b1c003fec75b8a4ea639aa444014f3 (diff)
nft: bootstrap ebtables-compat
This patch bootstraps ebtables-compat, the ebtables compatibility software upon nf_tables. [ Original patches: I have also forward port them on top of the current git HEAD, otherwise compilation breaks. This bootstrap is experimental, this still needs more work. --Pablo ] Signed-off-by: Giuseppe Longo <> Signed-off-by: Pablo Neira Ayuso <>
Diffstat (limited to 'iptables/nft-shared.h')
1 files changed, 3 insertions, 1 deletions
diff --git a/iptables/nft-shared.h b/iptables/nft-shared.h
index 1b16d4e0..97d41df8 100644
--- a/iptables/nft-shared.h
+++ b/iptables/nft-shared.h
@@ -48,6 +48,7 @@ struct nft_xt_ctx {
union {
struct iptables_command_state *cs;
struct arptables_command_state *cs_arp;
+ struct xtables_ebt_entry *ebfw;
} state;
struct nft_rule_expr_iter *iter;
int family;
@@ -122,7 +123,7 @@ bool is_same_interfaces(const char *a_iniface, const char *a_outiface,
unsigned const char *b_iniface_mask,
unsigned const char *b_outiface_mask);
-void parse_meta(struct nft_rule_expr *e, uint8_t key, char *iniface,
+int parse_meta(struct nft_rule_expr *e, uint8_t key, char *iniface,
unsigned char *iniface_mask, char *outiface,
unsigned char *outiface_mask, uint8_t *invflags);
void print_proto(uint16_t proto, int invert);
@@ -165,6 +166,7 @@ struct nft_handle;
bool nft_ipv46_rule_find(struct nft_family_ops *ops, struct nft_rule *r,
struct iptables_command_state *cs);
+bool compare_matches(struct xtables_rule_match *mt1, struct xtables_rule_match *mt2);
bool compare_targets(struct xtables_target *tg1, struct xtables_target *tg2);
struct addr_mask {