From fbc0768cb69686d00035456f1e9e0613927b1d4f Mon Sep 17 00:00:00 2001
From: Florian Westphal <fw@strlen.de>
Date: Fri, 11 May 2018 23:17:16 +0200
Subject: nftables: xt: don't use hard-coded AF_INET

We need to check which revision type is requested (match, target)
and wheter its ipv4 or ipv6, then set family based on that.

This allows nft ipv6 family to display compat entries if a translation
is available.

Signed-off-by: Florian Westphal <fw@strlen.de>
---
 src/xt.c | 24 ++++++++++++++++++++----
 1 file changed, 20 insertions(+), 4 deletions(-)

diff --git a/src/xt.c b/src/xt.c
index 4a954dc9..95d0c5f2 100644
--- a/src/xt.c
+++ b/src/xt.c
@@ -293,14 +293,30 @@ static int nft_xt_compatible_revision(const char *name, uint8_t rev, int opt)
 	struct mnl_socket *nl;
 	char buf[MNL_SOCKET_BUFFER_SIZE];
 	struct nlmsghdr *nlh;
-	uint32_t portid, seq, type;
+	uint32_t portid, seq, type, family;
 	struct nfgenmsg *nfg;
 	int ret = 0;
 
-	if (opt == IPT_SO_GET_REVISION_MATCH)
+	switch (rev) {
+	case IPT_SO_GET_REVISION_MATCH:
+		family = NFPROTO_IPV4;
 		type = 0;
-	else
+		break;
+	case IPT_SO_GET_REVISION_TARGET:
+		family = NFPROTO_IPV4;
 		type = 1;
+		break;
+	case IP6T_SO_GET_REVISION_MATCH:
+		family = NFPROTO_IPV6;
+		type = 0;
+		break;
+	case IP6T_SO_GET_REVISION_TARGET:
+		family = NFPROTO_IPV6;
+		type = 1;
+		break;
+	default: /* No revision support, assume ok */
+		return 1;
+	}
 
 	nlh = mnl_nlmsg_put_header(buf);
 	nlh->nlmsg_type = (NFNL_SUBSYS_NFT_COMPAT << 8) | NFNL_MSG_COMPAT_GET;
@@ -308,7 +324,7 @@ static int nft_xt_compatible_revision(const char *name, uint8_t rev, int opt)
 	nlh->nlmsg_seq = seq = time(NULL);
 
 	nfg = mnl_nlmsg_put_extra_header(nlh, sizeof(*nfg));
-	nfg->nfgen_family = AF_INET;
+	nfg->nfgen_family = family;
 	nfg->version = NFNETLINK_V0;
 	nfg->res_id = 0;
 
-- 
cgit v1.2.3