From 0391677c1a0b28c14d01febd9628a543e8e5fd62 Mon Sep 17 00:00:00 2001 From: Tomasz Bursztyka Date: Sun, 13 Jan 2013 16:42:11 +0100 Subject: xtables: add IPv6 support Summary of changes to add IPv6 support to the xtables utility: * modify all commands (add, delete, replace, check and listing) to support IPv6 addresses. And for the internal nft library: * add family to struct nft_handle and modify all caller to use this family instead of the hardcoded AF_INET. * move code that we can re-use for IPv4 and IPv6 into helper functions. * add IPv6 rule printing support. * add support to parse IPv6 address. Pablo added several improvements to this patch: * added basic xtables-save and xtables-restore support (so it defaults to IPv4) * fixed a couple of bugs found while testing * added reference when -f is used to point to -m frag (until we can make this consistent with IPv4). Note that we use one single xtables binary utility for IPv4 and IPv6. Signed-off-by: Tomasz Bursztyka Signed-off-by: Pablo Neira Ayuso --- iptables/xtables-restore.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'iptables/xtables-restore.c') diff --git a/iptables/xtables-restore.c b/iptables/xtables-restore.c index 30ea813c..e83eacc3 100644 --- a/iptables/xtables-restore.c +++ b/iptables/xtables-restore.c @@ -161,7 +161,9 @@ static void add_param_to_argv(char *parsestart) int xtables_restore_main(int argc, char *argv[]) { - struct nft_handle h; + struct nft_handle h = { + .family = AF_INET, /* default to IPv4 */ + }; char buffer[10240]; int c; char curtable[XT_TABLE_MAXNAMELEN + 1]; -- cgit v1.2.3