iptables-compat: kill add_*() invflags parameter

Let's kill the invflags parameter and use directly NFT_CMP_[N]EQ. The caller must calculate which kind of cmp operation requires. BTW, this patch solves absence of inversion in some arptables-compat builtin matches. Thus, translating arptables inv flags is no longer needed. Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Arturo Borrero <arturo.borrero.glez@gmail.com> 2014-11-12 13:00:12 +0100
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2014-11-12 13:16:57 +0100
commit: c82bf9f79bbc299de428fdc2e204d571b6cbc50d (patch)
tree: 984f4940c32af3d41e1598545a1e4e4b4b321659 /iptables/nft.c
parent: df3741332d86629a8fdd267930e0a249803f6aa8 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/iptables/nft.c b/iptables/nft.c
index 64222af8..baaef3e8 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -2567,3 +2567,11 @@ err:
 	/* the core expects 1 for success and 0 for error */
 	return ret == 0 ? 1 : 0;
 }
+
+uint32_t nft_invflags2cmp(uint32_t invflags, uint32_t flag)
+{
+	if (invflags & flag)
+		return NFT_CMP_NEQ;
+
+	return NFT_CMP_EQ;
+}
author	Arturo Borrero <arturo.borrero.glez@gmail.com>	2014-11-12 13:00:12 +0100
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2014-11-12 13:16:57 +0100
commit	c82bf9f79bbc299de428fdc2e204d571b6cbc50d (patch)
tree	984f4940c32af3d41e1598545a1e4e4b4b321659 /iptables/nft.c
parent	df3741332d86629a8fdd267930e0a249803f6aa8 (diff)