arptables-nft: remove ARPT_INV flags usage

ARPT_ and IPT_INV flags are not interchangeable, e.g.: define IPT_INV_SRCDEVADDR 0x0080 define ARPT_INV_SRCDEVADDR 0x0010 as these flags can be tested by libarp_foo.so such checks can yield incorrect results. Because arptables-nft uses existing code, e.g. xt_mark, it makes sense to unify this completely by converting the last users of ARPT_INV_ constants. Note that arptables-legacy does not do run-time module loading via dlopen(). Functionaliy implemented by "extensions" in the arptables-legacy git tree are built-in, so this doesn't break arptables-legacy binaries. Fixes: 44457c080590 ("xtables-arp: Don't use ARPT_INV_*") Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Phil Sutter <phil@nwl.cc>
author: Florian Westphal <fw@strlen.de> 2023-11-03 17:33:22 +0100
committer: Phil Sutter <phil@nwl.cc> 2023-11-03 21:46:10 +0100
commit: 3493d40cbba9dbfc00018b419241c93646a97a68 (patch)
tree: a575c11906e1d778b34c0152f1ce46710750df23 /iptables/xshared.h
parent: 7b9eb746f112f4f5677a6206013497c8233ffae8 (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/iptables/xshared.h b/iptables/xshared.h
index a200e0d6..55863854 100644
--- a/iptables/xshared.h
+++ b/iptables/xshared.h
@@ -80,7 +80,9 @@ struct xtables_target;
 #define ARPT_OPTSTRING	OPTSTRING_COMMON "R:S::" "h::l:nvx" /* "m:" */
 #define EBT_OPTSTRING	OPTSTRING_COMMON "hv"
 
-/* define invflags which won't collide with IPT ones */
+/* define invflags which won't collide with IPT ones.
+ * arptables-nft does NOT use the legacy ARPT_INV_* defines.
+ */
 #define IPT_INV_SRCDEVADDR	0x0080
 #define IPT_INV_TGTDEVADDR	0x0100
 #define IPT_INV_ARPHLN		0x0200
author	Florian Westphal <fw@strlen.de>	2023-11-03 17:33:22 +0100
committer	Phil Sutter <phil@nwl.cc>	2023-11-03 21:46:10 +0100
commit	3493d40cbba9dbfc00018b419241c93646a97a68 (patch)
tree	a575c11906e1d778b34c0152f1ce46710750df23 /iptables/xshared.h
parent	7b9eb746f112f4f5677a6206013497c8233ffae8 (diff)