From 60f00639ca42a95fd5425d6bb6ac08e5b29c6b18 Mon Sep 17 00:00:00 2001
From: Giuseppe Longo <giuseppelng@gmail.com>
Date: Mon, 24 Mar 2014 11:59:46 +0100
Subject: nft: replace nft_rule_attr_get_u8

Since the family declaration has been modified in libnftnl,
from commit 3cd9cd06625f8181c713489cec2c1ce6722a7e16
the assertion is failed for {ip,ip6,arp}tables-compat
when printing rules.

iptables-compat -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
libnftnl: attribute 0 assertion failed in rule.c:273

ip6tables-compat -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
libnftnl: attribute 0 assertion failed in rule.c:273

arptables-compat -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
libnftnl: attribute 0 assertion failed in rule.c:273

Signed-off-by: Giuseppe Longo <giuseppelng@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 iptables/nft-arp.c        | 2 +-
 iptables/nft-shared.c     | 2 +-
 iptables/nft.c            | 2 +-
 iptables/xtables-events.c | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/iptables/nft-arp.c b/iptables/nft-arp.c
index 3af1b4bf..562a1a29 100644
--- a/iptables/nft-arp.c
+++ b/iptables/nft-arp.c
@@ -369,7 +369,7 @@ void nft_rule_to_arpt_entry(struct nft_rule *r, struct arpt_entry *fw)
 {
 	struct nft_rule_expr_iter *iter;
 	struct nft_rule_expr *expr;
-	int family = nft_rule_attr_get_u8(r, NFT_RULE_ATTR_FAMILY);
+	int family = nft_rule_attr_get_u32(r, NFT_RULE_ATTR_FAMILY);
 
 	iter = nft_rule_expr_iter_create(r);
 	if (iter == NULL)
diff --git a/iptables/nft-shared.c b/iptables/nft-shared.c
index ada71e6b..3f018fb2 100644
--- a/iptables/nft-shared.c
+++ b/iptables/nft-shared.c
@@ -457,7 +457,7 @@ void nft_rule_to_iptables_command_state(struct nft_rule *r,
 {
 	struct nft_rule_expr_iter *iter;
 	struct nft_rule_expr *expr;
-	int family = nft_rule_attr_get_u8(r, NFT_RULE_ATTR_FAMILY);
+	int family = nft_rule_attr_get_u32(r, NFT_RULE_ATTR_FAMILY);
 
 	iter = nft_rule_expr_iter_create(r);
 	if (iter == NULL)
diff --git a/iptables/nft.c b/iptables/nft.c
index 1237659f..f3ec526d 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -1017,7 +1017,7 @@ nft_rule_print_save(const void *data,
 		    unsigned int format)
 {
 	const char *chain = nft_rule_attr_get_str(r, NFT_RULE_ATTR_CHAIN);
-	int family = nft_rule_attr_get_u8(r, NFT_RULE_ATTR_FAMILY);
+	int family = nft_rule_attr_get_u32(r, NFT_RULE_ATTR_FAMILY);
 	struct nft_family_ops *ops;
 
 	/* print chain name */
diff --git a/iptables/xtables-events.c b/iptables/xtables-events.c
index d8a732e4..4746825e 100644
--- a/iptables/xtables-events.c
+++ b/iptables/xtables-events.c
@@ -75,7 +75,7 @@ static int rule_cb(const struct nlmsghdr *nlh, int type)
 		goto err_free;
 	}
 
-	family = nft_rule_attr_get_u8(r, NFT_RULE_ATTR_FAMILY);
+	family = nft_rule_attr_get_u32(r, NFT_RULE_ATTR_FAMILY);
 	switch (family) {
 	case AF_INET:
 	case AF_INET6:
-- 
cgit v1.2.3