3 files changed, 37 insertions, 16 deletions

diff --git a/iptables/nft.h b/iptables/nft.h
index 17031871..f73a61c5 100644
--- a/iptables/nft.h
+++ b/iptables/nft.h
@@ -145,6 +145,7 @@ int do_commandx(struct nft_handle *h, int argc, char *argv[], char **table, bool
 /* For xtables-arptables.c */
 int do_commandarp(struct nft_handle *h, int argc, char *argv[], char **table);
 /* For xtables-eb.c */
+int nft_init_eb(struct nft_handle *h);
 int do_commandeb(struct nft_handle *h, int argc, char *argv[], char **table);
 
 /*
diff --git a/iptables/xtables-eb-standalone.c b/iptables/xtables-eb-standalone.c
index 914d137b..2248b08d 100644
--- a/iptables/xtables-eb-standalone.c
+++ b/iptables/xtables-eb-standalone.c
@@ -41,28 +41,14 @@
 
 #include "xtables-multi.h"
 
-extern struct xtables_globals ebtables_globals;
-
 int xtables_eb_main(int argc, char *argv[])
 {
 	int ret;
 	char *table = "filter";
-	struct nft_handle h = {
-		.family = NFPROTO_BRIDGE,
-	};
+	struct nft_handle h;
 
-	ebtables_globals.program_name = "ebtables";
-	ret = xtables_init_all(&ebtables_globals, NFPROTO_BRIDGE);
-	if (ret < 0) {
-		fprintf(stderr, "%s/%s Failed to initialize ebtables-compat\n",
-			ebtables_globals.program_name,
-			ebtables_globals.program_version);
-		exit(1);
-	}
+	nft_init_eb(&h);
 
-#if defined(ALL_INCLUSIVE) || defined(NO_SHARED_LIBS)
-	init_extensionsb();
-#endif
 	ret = do_commandeb(&h, argc, argv, &table);
 	if (ret)
 		ret = nft_commit(&h);
diff --git a/iptables/xtables-eb.c b/iptables/xtables-eb.c
index f4b39095..44235347 100644
--- a/iptables/xtables-eb.c
+++ b/iptables/xtables-eb.c
@@ -732,6 +732,40 @@ void ebt_add_watcher(struct xtables_target *watcher,
 		cs->match_list->next = newnode;
 }
 
+int nft_init_eb(struct nft_handle *h)
+{
+	ebtables_globals.program_name = "ebtables";
+	if (xtables_init_all(&ebtables_globals, NFPROTO_BRIDGE) < 0) {
+		fprintf(stderr, "%s/%s Failed to initialize ebtables-compat\n",
+			ebtables_globals.program_name,
+			ebtables_globals.program_version);
+		exit(1);
+	}
+
+#if defined(ALL_INCLUSIVE) || defined(NO_SHARED_LIBS)
+	init_extensionsb();
+#endif
+
+	memset(h, 0, sizeof(*h));
+
+	h->family = NFPROTO_BRIDGE;
+
+	if (nft_init(h, xtables_bridge) < 0)
+		xtables_error(OTHER_PROBLEM,
+			      "Could not initialize nftables layer.");
+	h->ops = nft_family_ops_lookup(h->family);
+	if (!h->ops)
+		xtables_error(PARAMETER_PROBLEM, "Unknown family");
+
+	/* manually registering ebt matches, given the original ebtables parser
+	 * don't use '-m matchname' and the match can't be loaded dynamically when
+	 * the user calls it.
+	 */
+	ebt_load_match_extensions();
+
+	return 0;
+}
+
 int do_commandeb(struct nft_handle *h, int argc, char *argv[], char **table)
 {
 	char *buffer;