From c82bf9f79bbc299de428fdc2e204d571b6cbc50d Mon Sep 17 00:00:00 2001 From: Arturo Borrero Date: Wed, 12 Nov 2014 13:00:12 +0100 Subject: iptables-compat: kill add_*() invflags parameter Let's kill the invflags parameter and use directly NFT_CMP_[N]EQ. The caller must calculate which kind of cmp operation requires. BTW, this patch solves absence of inversion in some arptables-compat builtin matches. Thus, translating arptables inv flags is no longer needed. Signed-off-by: Arturo Borrero Gonzalez Signed-off-by: Pablo Neira Ayuso --- iptables/nft-shared.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'iptables/nft-shared.h') diff --git a/iptables/nft-shared.h b/iptables/nft-shared.h index 468da5c9..1b16d4e0 100644 --- a/iptables/nft-shared.h +++ b/iptables/nft-shared.h @@ -107,12 +107,12 @@ void add_cmp_ptr(struct nft_rule *r, uint32_t op, void *data, size_t len); void add_cmp_u8(struct nft_rule *r, uint8_t val, uint32_t op); void add_cmp_u16(struct nft_rule *r, uint16_t val, uint32_t op); void add_cmp_u32(struct nft_rule *r, uint32_t val, uint32_t op); -void add_iniface(struct nft_rule *r, char *iface, int invflags); -void add_outiface(struct nft_rule *r, char *iface, int invflags); +void add_iniface(struct nft_rule *r, char *iface, uint32_t op); +void add_outiface(struct nft_rule *r, char *iface, uint32_t op); void add_addr(struct nft_rule *r, int offset, - void *data, void *mask, size_t len, int invflags); + void *data, void *mask, size_t len, uint32_t op); void add_proto(struct nft_rule *r, int offset, size_t len, - uint8_t proto, int invflags); + uint8_t proto, uint32_t op); void add_compat(struct nft_rule *r, uint32_t proto, bool inv); bool is_same_interfaces(const char *a_iniface, const char *a_outiface, -- cgit v1.2.3