From 07f4ca96816886635acfb9478b2d04929938eb78 Mon Sep 17 00:00:00 2001
From: Florian Westphal <fw@strlen.de>
Date: Tue, 8 May 2018 16:31:29 +0200
Subject: xtables-compat: ebtables: allow checking for zero-mac

Allow checking for an all-zero mac address by replacing checks on the
address with a check on the option flag.

Its set when '-d' or '-s' appears on the command line and when seeing
a linklayer payload request for ether s/daddr.

Same for -p: s this flag gets removed during getopt when 'p' is encountered.

So, if its set, no need to check protocol type.

Signed-off-by: Florian Westphal <fw@strlen.de>
---
 iptables/nft-bridge.h | 3 ---
 1 file changed, 3 deletions(-)

(limited to 'iptables/nft-bridge.h')

diff --git a/iptables/nft-bridge.h b/iptables/nft-bridge.h
index 3ee04640..8dcb151f 100644
--- a/iptables/nft-bridge.h
+++ b/iptables/nft-bridge.h
@@ -15,9 +15,6 @@
 #define LIST_X	  0x10
 #define LIST_MAC2 0x20
 
-/* Be backwards compatible, so don't use '+' in kernel */
-#define IF_WILDCARD 1
-
 extern unsigned char eb_mac_type_unicast[ETH_ALEN];
 extern unsigned char eb_msk_type_unicast[ETH_ALEN];
 extern unsigned char eb_mac_type_multicast[ETH_ALEN];
-- 
cgit v1.2.3