summaryrefslogtreecommitdiffstats
path: root/iptables/xtables-eb-translate.c
Commit message (Collapse)AuthorAgeFilesLines
* ebtables-translate: Fix segfault while parsing extension optionsPhil Sutter2018-08-241-27/+6
| | | | | | | | | | | | | | | Previous review of match/target lookup did not consider xtables-eb-translate.c which contains the same code. Fix parsing of target/match arguments there as well by introducing ebt_command_default() which consolidates the previously duplicated code. One notable quirk in comparison to the similar xtables code: Since ebtables allows for negations in ugly places (e.g. '--arp-opcode ! 1'), ebt_check_inverse2() has to be called first. Fixes: aa7fb04fcf72c ("ebtables: Review match/target lookup") Signed-off-by: Phil Sutter <phil@nwl.cc> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* iptables: replace memset by c99-style initializersPhil Sutter2018-07-191-5/+4
| | | | | | | | This cleans up a few obvious cases identified by grepping the source code for 'memset'. Signed-off-by: Phil Sutter <phil@nwl.cc> Signed-off-by: Florian Westphal <fw@strlen.de>
* xtables: silence two compiler warningsFlorian Westphal2018-06-171-1/+0
| | | | | | | | | | | inlined from ‘do_commandarp’ at xtables-arp.c:1198:16: xtables-arp.c:844:2: warning: ‘strncpy’ specified bound 29 equals destination size [-Wstringop-truncation] strncpy(target->t->u.user.name, jumpto, sizeof(target->t->u.user.name)); xtables-eb-translate.c: In function ‘do_commandeb_xlate’: xtables-eb-translate.c:285:6: warning: unused variable ‘chcounter’ [-Wunused-variable] int chcounter = 0; /* Needed for -C */ ^~~~~~~~~ Signed-off-by: Florian Westphal <fw@strlen.de>
* ebtables-translate: remove --change-counters codeFlorian Westphal2018-06-151-73/+5
| | | | | | Not used in the translator, so zap it. Signed-off-by: Florian Westphal <fw@strlen.de>
* xtables-compat: ebtables: prefer snprintf to strncpyFlorian Westphal2018-05-201-1/+2
| | | | | | | | | gcc emits these warnings: xtables-eb-translate.c:185:2: warning: ‘strncpy’ specified bound 29 equals destination size [-Wstringop-truncation] strncpy(target->t->u.user.name, jumpto, sizeof(target->t->u.user.name)); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Signed-off-by: Florian Westphal <fw@strlen.de>
* xtables-compat: ebtables: allow checking for zero-macFlorian Westphal2018-05-101-1/+1
| | | | | | | | | | | | | | Allow checking for an all-zero mac address by replacing checks on the address with a check on the option flag. Its set when '-d' or '-s' appears on the command line and when seeing a linklayer payload request for ether s/daddr. Same for -p: s this flag gets removed during getopt when 'p' is encountered. So, if its set, no need to check protocol type. Signed-off-by: Florian Westphal <fw@strlen.de>
* xtables-compat: ebtables: add and use helper to parse all interface namesFlorian Westphal2018-05-101-28/+12
| | | | Signed-off-by: Florian Westphal <fw@strlen.de>
* xtables-compat: ebtables: kill ebtables_command_stateFlorian Westphal2018-05-101-27/+27
| | | | | | | | Use iptables_command_state instead. This allows to re-use code from the ip(6)tables layer and reduces cop&pasted code. Signed-off-by: Florian Westphal <fw@strlen.de>
* ebtables-translate: turn off useless compat queriesFlorian Westphal2018-04-271-0/+6
| | | | | | | not needed as we won't be installing any rules. So just assume kernel supports everything. Signed-off-by: Florian Westphal <fw@strlen.de>
* ebtables-translate: update table name on -tFlorian Westphal2018-04-221-0/+1
| | | | Signed-off-by: Florian Westphal <fw@strlen.de>
* xt-compat: add ebtables-translateFlorian Westphal2018-04-131-0/+800
Signed-off-by: Florian Westphal <fw@strlen.de>