xtables-translate: Support insert with index

Translation is pretty simple due to nft's 'insert rule ... index' support. Testing the translation is sadly not: index 1 vanishes (as it should), higher indexes are rejected in replay mode since no rules previously exist. Signed-off-by: Phil Sutter <phil@nwl.cc>
author: Phil Sutter <phil@nwl.cc> 2023-02-03 18:25:21 +0100
committer: Phil Sutter <phil@nwl.cc> 2023-02-17 18:18:48 +0100
commit: 68fdf09ecfd1769ec68a7df51f564578dbdc0ddf (patch)
tree: bc19d2ca378a4976d3e123179c4c17717701bf9f /iptables
parent: 267a26363826553280a5928043df30a07cdc63bb (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/iptables/xtables-translate.c b/iptables/xtables-translate.c
index 22b2fbc8..88e0a6b6 100644
--- a/iptables/xtables-translate.c
+++ b/iptables/xtables-translate.c
@@ -173,6 +173,8 @@ static int nft_rule_xlate_add(struct nft_handle *h,
 	       tick,
 	       append ? "add" : "insert",
 	       family2str[h->family], p->table, p->chain);
+	if (!append && p->rulenum > 1)
+		printf("index %d ", p->rulenum);
 
 	printf("%s%s\n", xt_xlate_rule_get(xl), tick);
author	Phil Sutter <phil@nwl.cc>	2023-02-03 18:25:21 +0100
committer	Phil Sutter <phil@nwl.cc>	2023-02-17 18:18:48 +0100
commit	68fdf09ecfd1769ec68a7df51f564578dbdc0ddf (patch)
tree	bc19d2ca378a4976d3e123179c4c17717701bf9f /iptables
parent	267a26363826553280a5928043df30a07cdc63bb (diff)