nft: Merge xtables-arp-standalone.c into xtables-standalone.c

By declaring the relevant family_ops callbacks for arptables, the code
becomes ready to just use do_commandx() instead of a dedicated parser.

As a side-effect, this enables a bunch of new features in arptables-nft:

* Support '-C' command
* Support '-S' command
* Support rule indexes just like xtables, e.g. in '-I' or '-R' commands
* Reject chain names starting with '!'
* Support '-c N,M' counter syntax

Since arptables still accepts intrapositioned negations, add code to
cover that but print a warning like iptables did 12 years ago prior to
removing the functionality.

Signed-off-by: Phil Sutter <phil@nwl.cc>

1 files changed, 16 insertions, 3 deletions

diff --git a/iptables/xtables-standalone.c b/iptables/xtables-standalone.c
index 19d663b0..5482a856 100644
--- a/iptables/xtables-standalone.c
+++ b/iptables/xtables-standalone.c
@@ -68,9 +68,17 @@ xtables_main(int family, const char *progname, int argc, char *argv[])
 	}
 	xt_params->program_name = progname;
 #if defined(ALL_INCLUSIVE) || defined(NO_SHARED_LIBS)
-	init_extensions();
-	init_extensions4();
-	init_extensions6();
+	switch (family) {
+	case NFPROTO_IPV4:
+	case NFPROTO_IPV6:
+		init_extensions();
+		init_extensions4();
+		init_extensions6();
+		break;
+	case NFPROTO_ARP:
+		init_extensionsa();
+		break;
+	}
 #endif
 
 	if (nft_init(&h, family) < 0) {
@@ -107,3 +115,8 @@ int xtables_ip6_main(int argc, char *argv[])
 {
 	return xtables_main(NFPROTO_IPV6, "ip6tables", argc, argv);
 }
+
+int xtables_arp_main(int argc, char *argv[])
+{
+	return xtables_main(NFPROTO_ARP, "arptables", argc, argv);
+}