diff options
author | Florian Westphal <fw@strlen.de> | 2018-04-12 11:31:42 +0200 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2018-05-10 02:31:05 +0200 |
commit | 651cfee91a8f42336b9d794c838b9f4f480308c9 (patch) | |
tree | 812b26eb3cb2c212e163bc8f7ca7e53aee3ac411 /iptables/xtables-translate.c | |
parent | 652b98e79371102f8e5edf572a7a5c2aa282c51a (diff) |
xtables-compat: pass correct table skeleton
This always uses xtables_ipv4 (which is same as _ipv6).
Pass the correct skeleton instead, this is needed to handle ebtables
correctly from xt-translate, as it doesn't use ip/ip6 tables.
Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'iptables/xtables-translate.c')
-rw-r--r-- | iptables/xtables-translate.c | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/iptables/xtables-translate.c b/iptables/xtables-translate.c index 78cc60e8..b08ac354 100644 --- a/iptables/xtables-translate.c +++ b/iptables/xtables-translate.c @@ -424,6 +424,7 @@ static int xtables_xlate_main_common(struct nft_handle *h, int family, const char *progname) { + struct builtin_table *tables; int ret; xtables_globals.program_name = progname; @@ -435,12 +436,27 @@ static int xtables_xlate_main_common(struct nft_handle *h, xtables_globals.program_version); return 1; } + switch (family) { + case NFPROTO_IPV4: + case NFPROTO_IPV6: /* fallthrough: same table */ #if defined(ALL_INCLUSIVE) || defined(NO_SHARED_LIBS) init_extensions(); init_extensions4(); #endif + tables = xtables_ipv4; + break; + case NFPROTO_ARP: + tables = xtables_arp; + break; + case NFPROTO_BRIDGE: + tables = xtables_bridge; + break; + default: + fprintf(stderr, "Unknown family %d\n", family); + return 1; + } - if (nft_init(h, xtables_ipv4) < 0) { + if (nft_init(h, tables) < 0) { fprintf(stderr, "%s/%s Failed to initialize nft: %s\n", xtables_globals.program_name, xtables_globals.program_version, |