arptables-nft: remove ARPT_INV flags usage

ARPT_ and IPT_INV flags are not interchangeable, e.g.:
define IPT_INV_SRCDEVADDR	0x0080
define ARPT_INV_SRCDEVADDR	0x0010

as these flags can be tested by libarp_foo.so such checks can yield
incorrect results.

Because arptables-nft uses existing code, e.g. xt_mark, it makes
sense to unify this completely by converting the last users of
ARPT_INV_ constants.

Note that arptables-legacy does not do run-time module loading via
dlopen(). Functionaliy implemented by "extensions" in the
arptables-legacy git tree are built-in, so this doesn't break
arptables-legacy binaries.

Fixes: 44457c080590 ("xtables-arp: Don't use ARPT_INV_*")
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Phil Sutter <phil@nwl.cc>

1 files changed, 2 insertions, 2 deletions

diff --git a/extensions/libarpt_mangle.c b/extensions/libarpt_mangle.c
index 765edf34..a846e97e 100644
--- a/extensions/libarpt_mangle.c
+++ b/extensions/libarpt_mangle.c
@@ -77,7 +77,7 @@ arpmangle_parse(int c, char **argv, int invert, unsigned int *flags,
 		if (e->arp.arhln_mask == 0)
 			xtables_error(PARAMETER_PROBLEM,
 				      "no --h-length defined");
-		if (e->arp.invflags & ARPT_INV_ARPHLN)
+		if (e->arp.invflags & IPT_INV_ARPHLN)
 			xtables_error(PARAMETER_PROBLEM,
 				      "! --h-length not allowed for "
 				      "--mangle-mac-s");
@@ -95,7 +95,7 @@ arpmangle_parse(int c, char **argv, int invert, unsigned int *flags,
 		if (e->arp.arhln_mask == 0)
 			xtables_error(PARAMETER_PROBLEM,
 				      "no --h-length defined");
-		if (e->arp.invflags & ARPT_INV_ARPHLN)
+		if (e->arp.invflags & IPT_INV_ARPHLN)
 			xtables_error(PARAMETER_PROBLEM,
 				      "! hln not allowed for --mangle-mac-d");
 		if (e->arp.arhln != 6)