summaryrefslogtreecommitdiffstats
path: root/iptables/nft-bridge.c
diff options
context:
space:
mode:
authorArturo Borrero <arturo.borrero.glez@gmail.com>2014-12-17 12:06:56 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>2014-12-23 14:25:40 +0100
commit6aa7d1c26d0a3b0c909bbf13aa0ef6b179615433 (patch)
treebad6f55adb9a7e2842d4d453b0d175d6f691c41e /iptables/nft-bridge.c
parent84b69ea462eb2159ce6bde83d6bcf2eac0098f87 (diff)
extensions: add ebt 802_3 extension
This patch adds the first ebtables extension to ebtables-compat. The original 802_3 code is adapted to the xtables environment. I tried to mimic as much as possible the original ebtables code paths. With this patch, ebtables-compat is able to send the 802_3 match to the kernel, but the kernel-to-userspace path is not tested and should be adjusted in follow-up patches. Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'iptables/nft-bridge.c')
-rw-r--r--iptables/nft-bridge.c6
1 files changed, 6 insertions, 0 deletions
diff --git a/iptables/nft-bridge.c b/iptables/nft-bridge.c
index a1bd9065..9772b5fe 100644
--- a/iptables/nft-bridge.c
+++ b/iptables/nft-bridge.c
@@ -135,6 +135,7 @@ static int _add_action(struct nft_rule *r, struct ebtables_command_state *cs)
static int nft_bridge_add(struct nft_rule *r, void *data)
{
struct ebtables_command_state *cs = data;
+ struct xtables_rule_match *matchp;
struct ebt_entry *fw = &cs->fw;
uint32_t op;
char *addr;
@@ -179,6 +180,11 @@ static int nft_bridge_add(struct nft_rule *r, void *data)
add_cmp_u16(r, fw->ethproto, op);
}
+ for (matchp = cs->matches; matchp; matchp = matchp->next) {
+ if (add_match(r, matchp->match->m) < 0)
+ break;
+ }
+
return _add_action(r, cs);
}