path: root/iptables/xtables-restore.c
diff options
authorTomasz Bursztyka <>2013-01-13 16:42:11 +0100
committerPablo Neira Ayuso <>2013-12-30 23:50:22 +0100
commit0391677c1a0b28c14d01febd9628a543e8e5fd62 (patch)
treeb9b7715693c1284f1839abab621266ab02994747 /iptables/xtables-restore.c
parent5a1b519d1e26767fa1f0de15b0f7e125531a1719 (diff)
xtables: add IPv6 support
Summary of changes to add IPv6 support to the xtables utility: * modify all commands (add, delete, replace, check and listing) to support IPv6 addresses. And for the internal nft library: * add family to struct nft_handle and modify all caller to use this family instead of the hardcoded AF_INET. * move code that we can re-use for IPv4 and IPv6 into helper functions. * add IPv6 rule printing support. * add support to parse IPv6 address. Pablo added several improvements to this patch: * added basic xtables-save and xtables-restore support (so it defaults to IPv4) * fixed a couple of bugs found while testing * added reference when -f is used to point to -m frag (until we can make this consistent with IPv4). Note that we use one single xtables binary utility for IPv4 and IPv6. Signed-off-by: Tomasz Bursztyka <> Signed-off-by: Pablo Neira Ayuso <>
Diffstat (limited to 'iptables/xtables-restore.c')
1 files changed, 3 insertions, 1 deletions
diff --git a/iptables/xtables-restore.c b/iptables/xtables-restore.c
index 30ea813c..e83eacc3 100644
--- a/iptables/xtables-restore.c
+++ b/iptables/xtables-restore.c
@@ -161,7 +161,9 @@ static void add_param_to_argv(char *parsestart)
xtables_restore_main(int argc, char *argv[])
- struct nft_handle h;
+ struct nft_handle h = {
+ .family = AF_INET, /* default to IPv4 */
+ };
char buffer[10240];
int c;
char curtable[XT_TABLE_MAXNAMELEN + 1];