summaryrefslogtreecommitdiffstats
path: root/iptables/nft-bridge.h
Commit message (Collapse)AuthorAgeFilesLines
* xtables-compat: ebtables: allow checking for zero-macFlorian Westphal2018-05-101-3/+0
| | | | | | | | | | | | | | Allow checking for an all-zero mac address by replacing checks on the address with a check on the option flag. Its set when '-d' or '-s' appears on the command line and when seeing a linklayer payload request for ether s/daddr. Same for -p: s this flag gets removed during getopt when 'p' is encountered. So, if its set, no need to check protocol type. Signed-off-by: Florian Westphal <fw@strlen.de>
* xtables-compat: ebtables: kill ebtables_command_stateFlorian Westphal2018-05-101-53/+3
| | | | | | | | Use iptables_command_state instead. This allows to re-use code from the ip(6)tables layer and reduces cop&pasted code. Signed-off-by: Florian Westphal <fw@strlen.de>
* xtables-eb: export 3 functionsFlorian Westphal2018-04-131-0/+5
| | | | | | Will be used from eb-translate parser. Signed-off-by: Florian Westphal <fw@strlen.de>
* nft-bridge: add forward declaration for struct nftnl_ruleFlorian Westphal2018-04-131-0/+1
| | | | | | nft-bridge.h:121:48: warning: 'struct nftnl_rule' declared inside parameter list will not be visible outside .. Signed-off-by: Florian Westphal <fw@strlen.de>
* iptables-compat: use new symbols in libnftnlPablo Neira Ayuso2015-09-161-1/+1
| | | | | | | | | Adapt this code to use the new symbols in libnftnl. This patch contains quite some renaming to reserve the nft_ prefix for our high level library. Explicitly request libnftnl 1.0.5 at configure stage. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* ebtables-compat: add watchers supportArturo Borrero2015-02-111-0/+13
| | | | | | | ebtables watchers are targets which always return EBT_CONTINUE. Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* ebtables-compat: finish target infrastructureArturo Borrero2015-02-031-0/+53
| | | | | Signed-off-by: Arturo Borrero <arturo.borrero.glez@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* ebtables-compat: fix printing of extensionArturo Borrero2015-01-051-0/+1
| | | | | | | | | | | | | This patch fix printing of ebt extensions: % sudo ebtables-compat -L [...] Bridge chain: FORWARD, entries: 1, policy: ACCEPT --802_3-type 0x0012 -j ACCEPT [...] Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* extensions: add ebt 802_3 extensionArturo Borrero2014-12-231-0/+6
| | | | | | | | | | | | | | This patch adds the first ebtables extension to ebtables-compat. The original 802_3 code is adapted to the xtables environment. I tried to mimic as much as possible the original ebtables code paths. With this patch, ebtables-compat is able to send the 802_3 match to the kernel, but the kernel-to-userspace path is not tested and should be adjusted in follow-up patches. Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* ebtables-compat: use ebtables_command_state in bootstrap codePablo Neira Ayuso2014-11-241-0/+98
And introduce fake ebt_entry. This gets the code in sync in other existing compat tools. This will likely allow to consolidate common infrastructure. This code is still quite experimental. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>