diff options
| author | Phil Sutter <phil@nwl.cc> | 2023-12-21 13:24:09 +0100 |
|---|---|---|
| committer | Phil Sutter <phil@nwl.cc> | 2024-01-10 23:33:24 +0100 |
| commit | b1ae6a45c9f38a60a13d9ecb88dcbeb12e5d13e0 (patch) | |
| tree | 266b5b45b82dc62ad087562088c87e96bd74b557 /iptables/xtables-eb.c | |
| parent | f4721951baca81b7d74c5551d0f5c599dbb89bf1 (diff) | |
ebtables: Default to extrapositioned negations
ebtables-nft has always supported both intra- and extrapositioned
negations but defaulted to intrapositioned when printing/saving rules.
With commit 58d364c7120b5 ("ebtables: Use do_parse() from xshared")
though, it started to warn about intrapositioned negations. So change
the default to avoid mandatory warnings when e.g. loading previously
dumped rulesets.
Also adjust test cases, help texts and ebtables-nft.8 accordingly.
Cc: Jan Engelhardt <jengelh@inai.de>
Signed-off-by: Phil Sutter <phil@nwl.cc>
Diffstat (limited to 'iptables/xtables-eb.c')
| -rw-r--r-- | iptables/xtables-eb.c | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/iptables/xtables-eb.c b/iptables/xtables-eb.c index e8cdd7ea..250169c3 100644 --- a/iptables/xtables-eb.c +++ b/iptables/xtables-eb.c @@ -226,13 +226,13 @@ void nft_bridge_print_help(struct iptables_command_state *cs) "--rename-chain -E old new : rename a chain\n" "--delete-chain -X [chain] : delete a user defined chain\n" "Options:\n" -"--proto -p [!] proto : protocol hexadecimal, by name or LENGTH\n" -"--src -s [!] address[/mask]: source mac address\n" -"--dst -d [!] address[/mask]: destination mac address\n" -"--in-if -i [!] name[+] : network input interface name\n" -"--out-if -o [!] name[+] : network output interface name\n" -"--logical-in [!] name[+] : logical bridge input interface name\n" -"--logical-out [!] name[+] : logical bridge output interface name\n" +"[!] --proto -p proto : protocol hexadecimal, by name or LENGTH\n" +"[!] --src -s address[/mask]: source mac address\n" +"[!] --dst -d address[/mask]: destination mac address\n" +"[!] --in-if -i name[+] : network input interface name\n" +"[!] --out-if -o name[+] : network output interface name\n" +"[!] --logical-in name[+] : logical bridge input interface name\n" +"[!] --logical-out name[+] : logical bridge output interface name\n" "--set-counters -c chain\n" " pcnt bcnt : set the counters of the to be added rule\n" "--modprobe -M program : try to insert modules using this program\n" |