diff options
| author | Phil Sutter <phil@nwl.cc> | 2021-09-27 16:59:49 +0200 |
|---|---|---|
| committer | Phil Sutter <phil@nwl.cc> | 2021-10-20 11:32:54 +0200 |
| commit | cfdda18044d81ca2e8a4f9df8a518290e2e94a07 (patch) | |
| tree | 6ffd74661a974fbdbd06c658e7a7580f3376835b /iptables | |
| parent | 65b150ae382a8b5d1fc7f2465b3ac590c1601ce1 (diff) | |
nft-shared: Introduce init_cs family ops callback
Arptables sets a few defaults in struct iptables_command_state upon
initialization. Introduce a callback to do that.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Diffstat (limited to 'iptables')
| -rw-r--r-- | iptables/nft-arp.c | 9 | ||||
| -rw-r--r-- | iptables/nft-shared.h | 1 | ||||
| -rw-r--r-- | iptables/xtables.c | 12 |
3 files changed, 17 insertions, 5 deletions
diff --git a/iptables/nft-arp.c b/iptables/nft-arp.c index 2a9387a1..fbaf1a6d 100644 --- a/iptables/nft-arp.c +++ b/iptables/nft-arp.c @@ -546,6 +546,14 @@ static void nft_arp_save_chain(const struct nftnl_chain *c, const char *policy) printf(":%s %s\n", chain, policy ?: "-"); } +static void nft_arp_init_cs(struct iptables_command_state *cs) +{ + cs->arp.arp.arhln = 6; + cs->arp.arp.arhln_mask = 255; + cs->arp.arp.arhrd = htons(ARPHRD_ETHER); + cs->arp.arp.arhrd_mask = 65535; +} + struct nft_family_ops nft_family_ops_arp = { .add = nft_arp_add, .is_same = nft_arp_is_same, @@ -559,6 +567,7 @@ struct nft_family_ops nft_family_ops_arp = { .save_chain = nft_arp_save_chain, .post_parse = NULL, .rule_to_cs = nft_rule_to_iptables_command_state, + .init_cs = nft_arp_init_cs, .clear_cs = nft_clear_iptables_command_state, .parse_target = nft_ipv46_parse_target, }; diff --git a/iptables/nft-shared.h b/iptables/nft-shared.h index cc8f3a79..71094a28 100644 --- a/iptables/nft-shared.h +++ b/iptables/nft-shared.h @@ -106,6 +106,7 @@ struct nft_family_ops { struct xtables_args *args); void (*parse_match)(struct xtables_match *m, void *data); void (*parse_target)(struct xtables_target *t, void *data); + void (*init_cs)(struct iptables_command_state *cs); void (*rule_to_cs)(struct nft_handle *h, const struct nftnl_rule *r, struct iptables_command_state *cs); void (*clear_cs)(struct iptables_command_state *cs); diff --git a/iptables/xtables.c b/iptables/xtables.c index c17cf7ae..092edaaf 100644 --- a/iptables/xtables.c +++ b/iptables/xtables.c @@ -433,10 +433,6 @@ void do_parse(struct nft_handle *h, int argc, char *argv[], bool invert = false; int wait = 0; - memset(cs, 0, sizeof(*cs)); - cs->jumpto = ""; - cs->argv = argv; - /* re-set optind to 0 in case do_command4 gets called * a second time */ optind = 0; @@ -912,11 +908,17 @@ int do_commandx(struct nft_handle *h, int argc, char *argv[], char **table, .table = *table, .restore = restore, }; - struct iptables_command_state cs; + struct iptables_command_state cs = { + .jumpto = "", + .argv = argv, + }; struct xtables_args args = { .family = h->family, }; + if (h->ops->init_cs) + h->ops->init_cs(&cs); + do_parse(h, argc, argv, &p, &cs, &args); switch (p.command) { |