From f647f61f273a15ed25307d7ca7a19cefc828c54c Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Mon, 2 Nov 2020 12:05:44 +0100 Subject: xtables: Make invflags 16bit wide This is needed to merge with xtables-arp which has more builtin options and hence needs more bits in invflags. The only adjustment needed is the set_option() call for option '-j' which passed a pointer to cs->fw.ip.invflags. That field can't be changed, it belongs to uAPI. Though using args->invflags instead works fine, aside from that '-j' doesn't support inverting so this is merely a sanity check and no real invflag value assignment will happen. Signed-off-by: Phil Sutter --- iptables/nft-shared.h | 2 +- iptables/xtables.c | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'iptables') diff --git a/iptables/nft-shared.h b/iptables/nft-shared.h index da4ba9d2..cc8f3a79 100644 --- a/iptables/nft-shared.h +++ b/iptables/nft-shared.h @@ -190,7 +190,7 @@ struct xtables_args { int family; uint16_t proto; uint8_t flags; - uint8_t invflags; + uint16_t invflags; char iniface[IFNAMSIZ], outiface[IFNAMSIZ]; unsigned char iniface_mask[IFNAMSIZ], outiface_mask[IFNAMSIZ]; bool goto_set; diff --git a/iptables/xtables.c b/iptables/xtables.c index 9779bd83..c3d82014 100644 --- a/iptables/xtables.c +++ b/iptables/xtables.c @@ -239,7 +239,7 @@ xtables_exit_error(enum xtables_exittype status, const char *msg, ...) /* Christophe Burki wants `-p 6' to imply `-m tcp'. */ static void -set_option(unsigned int *options, unsigned int option, uint8_t *invflg, +set_option(unsigned int *options, unsigned int option, u_int16_t *invflg, int invert) { if (*options & option) @@ -692,7 +692,7 @@ void do_parse(struct nft_handle *h, int argc, char *argv[], #endif case 'j': - set_option(&cs->options, OPT_JUMP, &cs->fw.ip.invflags, + set_option(&cs->options, OPT_JUMP, &args->invflags, cs->invert); command_jump(cs, optarg); break; -- cgit v1.2.3