diff options
| author | Florian Westphal <fw@strlen.de> | 2023-11-07 12:15:38 +0100 |
|---|---|---|
| committer | Phil Sutter <phil@nwl.cc> | 2023-11-07 23:40:14 +0100 |
| commit | 5b7324e0675e332ae186e1bd6978aa320f628086 (patch) | |
| tree | e258f128ccfe5637759cbce7031b6c491f8492f1 /iptables/xtables-translate.c | |
| parent | ab2d5f8c7bbeea49d9dddaaf3d2fac8c7fdeae56 (diff) | |
nft-arp: add arptables-translate
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Phil Sutter <phil@nwl.cc>
Diffstat (limited to 'iptables/xtables-translate.c')
| -rw-r--r-- | iptables/xtables-translate.c | 35 |
1 files changed, 34 insertions, 1 deletions
diff --git a/iptables/xtables-translate.c b/iptables/xtables-translate.c index 88e0a6b6..ea9dce20 100644 --- a/iptables/xtables-translate.c +++ b/iptables/xtables-translate.c @@ -140,6 +140,7 @@ bool xlate_find_match(const struct iptables_command_state *cs, const char *p_nam } const char *family2str[] = { + [NFPROTO_ARP] = "arp", [NFPROTO_IPV4] = "ip", [NFPROTO_IPV6] = "ip6", }; @@ -196,6 +197,15 @@ static int xlate(struct nft_handle *h, struct xt_cmd_parse *p, for (i = 0; i < args->s.naddrs; i++) { switch (h->family) { + case NFPROTO_ARP: + cs->arp.arp.src.s_addr = args->s.addr.v4[i].s_addr; + cs->arp.arp.smsk.s_addr = args->s.mask.v4[i].s_addr; + for (j = 0; j < args->d.naddrs; j++) { + cs->arp.arp.tgt.s_addr = args->d.addr.v4[j].s_addr; + cs->arp.arp.tmsk.s_addr = args->d.mask.v4[j].s_addr; + ret = cb(h, p, cs, append); + } + break; case AF_INET: cs->fw.ip.src.s_addr = args->s.addr.v4[i].s_addr; cs->fw.ip.smsk.s_addr = args->s.mask.v4[i].s_addr; @@ -475,7 +485,24 @@ static int xtables_xlate_main_common(struct nft_handle *h, xtables_globals.program_name = progname; xtables_globals.compat_rev = dummy_compat_rev; - ret = xtables_init_all(&xtables_globals, family); + + switch (family) { + case NFPROTO_IPV4: + ret = xtables_init_all(&xtables_globals, family); + break; + case NFPROTO_IPV6: + ret = xtables_init_all(&xtables_globals, family); + break; + case NFPROTO_ARP: + arptables_globals.program_name = progname; + arptables_globals.compat_rev = dummy_compat_rev; + ret = xtables_init_all(&arptables_globals, family); + break; + default: + ret = -1; + break; + } + if (ret < 0) { fprintf(stderr, "%s/%s Failed to initialize xtables\n", xtables_globals.program_name, @@ -590,6 +617,12 @@ static int xtables_restore_xlate_main(int family, const char *progname, exit(0); } +int xtables_arp_xlate_main(int argc, char *argv[]) +{ + return xtables_xlate_main(NFPROTO_ARP, "arptables-translate", + argc, argv); +} + int xtables_ip4_xlate_main(int argc, char *argv[]) { return xtables_xlate_main(NFPROTO_IPV4, "iptables-translate", |