diff options
| author | Arturo Borrero <arturo.borrero.glez@gmail.com> | 2015-02-09 13:16:12 +0100 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2015-02-11 01:23:23 +0100 |
| commit | fe97f60e5d2a968638286036db67e3a4e17f095d (patch) | |
| tree | 461b536623eb30ec5746ea069fff6e7edbf9389f /iptables/nft-bridge.h | |
| parent | 4e5ed8d8165b3d4a16a6133cfc1b43118a0e2a3d (diff) | |
ebtables-compat: add watchers support
ebtables watchers are targets which always return EBT_CONTINUE.
Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'iptables/nft-bridge.h')
| -rw-r--r-- | iptables/nft-bridge.h | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/iptables/nft-bridge.h b/iptables/nft-bridge.h index cd63c11a..1c4a96ea 100644 --- a/iptables/nft-bridge.h +++ b/iptables/nft-bridge.h @@ -93,10 +93,21 @@ struct ebt_entry { unsigned char out_mask[IFNAMSIZ]; }; +/* trick for ebtables-compat, since watchers are targets */ +struct ebt_match { + struct ebt_match *next; + union { + struct xtables_match *match; + struct xtables_target *watcher; + } u; + bool ismatch; +}; + struct ebtables_command_state { struct ebt_entry fw; struct xtables_target *target; struct xtables_rule_match *matches; + struct ebt_match *match_list; const char *jumpto; struct xt_counters counters; int invert; @@ -155,4 +166,6 @@ static inline const char *ebt_target_name(unsigned int verdict) *flags |= mask; \ }) \ +void ebt_cs_clean(struct ebtables_command_state *cs); + #endif |