diff options
| author | Phil Sutter <phil@nwl.cc> | 2018-08-06 17:21:57 +0200 |
|---|---|---|
| committer | Florian Westphal <fw@strlen.de> | 2018-08-06 18:17:39 +0200 |
| commit | 63c3dae305cf27cabe5577da5599ddc26f4af36c (patch) | |
| tree | 726900fb286b0a55f8356ab6e1ed2653dcf1c1eb /iptables/xtables-arp.c | |
| parent | aa7fb04fcf72cf50ba6c490ae1cae30181672004 (diff) | |
xtables: Implement arptables-{save,restore}
This adds C implementations for arptables-save and -restore in compat
layer based on the two perl scripts in legacy arptables repository.
To share common code, introduce nft_init_arp() analogous to
nft_init_eb() introduced earlier.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'iptables/xtables-arp.c')
| -rw-r--r-- | iptables/xtables-arp.c | 39 |
1 files changed, 30 insertions, 9 deletions
diff --git a/iptables/xtables-arp.c b/iptables/xtables-arp.c index 62282f42..a457ea30 100644 --- a/iptables/xtables-arp.c +++ b/iptables/xtables-arp.c @@ -928,7 +928,36 @@ delete_entry(const char *chain, return ret; } -int do_commandarp(struct nft_handle *h, int argc, char *argv[], char **table) +int nft_init_arp(struct nft_handle *h, const char *pname) +{ + arptables_globals.program_name = pname; + if (xtables_init_all(&arptables_globals, NFPROTO_ARP) < 0) { + fprintf(stderr, "%s/%s Failed to initialize arptables-compat\n", + arptables_globals.program_name, + arptables_globals.program_version); + exit(1); + } + +#if defined(ALL_INCLUSIVE) || defined(NO_SHARED_LIBS) + init_extensionsa(); +#endif + + memset(h, 0, sizeof(*h)); + h->family = NFPROTO_ARP; + + if (nft_init(h, xtables_arp) < 0) + xtables_error(OTHER_PROBLEM, + "Could not initialize nftables layer."); + + h->ops = nft_family_ops_lookup(h->family); + if (h->ops == NULL) + xtables_error(PARAMETER_PROBLEM, "Unknown family"); + + return 0; +} + +int do_commandarp(struct nft_handle *h, int argc, char *argv[], char **table, + bool restore) { struct iptables_command_state cs = { .jumpto = "", @@ -1356,14 +1385,6 @@ int do_commandarp(struct nft_handle *h, int argc, char *argv[], char **table) "chain name `%s' too long (must be under %i chars)", chain, ARPT_FUNCTION_MAXNAMELEN); - if (nft_init(h, xtables_arp) < 0) - xtables_error(OTHER_PROBLEM, - "Could not initialize nftables layer."); - - h->ops = nft_family_ops_lookup(h->family); - if (h->ops == NULL) - xtables_error(PARAMETER_PROBLEM, "Unknown family"); - if (command == CMD_APPEND || command == CMD_DELETE || command == CMD_INSERT |