diff options
author | Phil Sutter <phil@nwl.cc> | 2020-02-13 14:01:50 +0100 |
---|---|---|
committer | Phil Sutter <phil@nwl.cc> | 2020-02-14 12:16:41 +0100 |
commit | 94488d4eb912f5af4c88d148b39b38eb8a3c1f0b (patch) | |
tree | 30cbcb685bba41fe8e1eb949d260646f0097256f /iptables | |
parent | 2b2b7948c1960ba4680677664ff58477be869de6 (diff) |
xtables-translate: Fix for iface++
In legacy iptables, only the last plus sign remains special, any
previous ones are taken literally. Therefore xtables-translate must not
replace all of them with asterisk but just the last one.
Fixes: e179e87a1179e ("xtables-translate: Fix for interface name corner-cases")
Signed-off-by: Phil Sutter <phil@nwl.cc>
Diffstat (limited to 'iptables')
-rw-r--r-- | iptables/xtables-translate.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/iptables/xtables-translate.c b/iptables/xtables-translate.c index c4e177c0..0f95855b 100644 --- a/iptables/xtables-translate.c +++ b/iptables/xtables-translate.c @@ -40,9 +40,6 @@ void xlate_ifname(struct xt_xlate *xl, const char *nftmeta, const char *ifname, for (i = 0, j = 0; i < ifaclen + 1; i++, j++) { switch (ifname[i]) { - case '+': - iface[j] = '*'; - break; case '*': iface[j++] = '\\'; /* fall through */ @@ -65,6 +62,9 @@ void xlate_ifname(struct xt_xlate *xl, const char *nftmeta, const char *ifname, invert = false; } + if (iface[j - 2] == '+') + iface[j - 2] = '*'; + xt_xlate_add(xl, "%s %s\"%s\" ", nftmeta, invert ? "!= " : "", iface); } |