From ed8247182d45f6208f86dd87d12e6239e0e54909 Mon Sep 17 00:00:00 2001
From: Giuseppe Longo
Date: Wed, 18 Sep 2013 12:34:15 +0200
Subject: xtables: arp: add rule replacement support

The following patch permit to replace rule in xtables-arp.

Signed-off-by: Giuseppe Longo
Signed-off-by: Pablo Neira Ayuso
---
 iptables/xtables-arp.c | 22 ++++++++++++++++++----
 1 file changed, 18 insertions(+), 4 deletions(-)

diff --git a/iptables/xtables-arp.c b/iptables/xtables-arp.c
index 91876174..8dfdf63e 100644
--- iptables/xtables-arp.c
+++ b/iptables/xtables-arp.c
@@ -734,7 +734,7 @@ parse_rulenumber(const char *rule)
 {
 unsigned int rulenum;
- if (string_to_number(rule, 1, INT_MAX, &rulenum) == -1)
+ if (!xtables_strtoui(rule, NULL, &rulenum, 1, INT_MAX))
 xtables_error(PARAMETER_PROBLEM, "Invalid rule number `%s'", rule);
@@ -896,6 +896,21 @@ append_entry(struct nft_handle *h,
 return ret;
 }
+static int
+replace_entry(const char *chain,
+ const char *table,
+ struct arpt_entry *fw,
+ unsigned int rulenum,
+ const struct in_addr *saddr,
+ const struct in_addr *daddr,
+ bool verbose, struct nft_handle *h)
+{
+ fw->arp.src.s_addr = saddr->s_addr;
+ fw->arp.tgt.s_addr = daddr->s_addr;
+
+ return nft_rule_replace(h, chain, table, fw, rulenum, verbose);
+}
+
 int do_commandarp(struct nft_handle *h, int argc, char *argv[], char **table)
 {
 struct arpt_entry fw, *e = NULL;
@@ -1396,9 +1411,8 @@ int do_commandarp(struct nft_handle *h, int argc, char *argv[], char **table)
 /*ret = arptc_delete_num_entry(chain, rulenum - 1, handle);*/
 break;
 case CMD_REPLACE:
- /*ret = replace_entry(chain, e, rulenum - 1,
- saddrs, daddrs, options&OPT_VERBOSE,
- handle);*/
+ ret = replace_entry(chain, *table, e, rulenum - 1,
+ saddrs, daddrs, options&OPT_VERBOSE, h);
 break;
 case CMD_INSERT:
 ret = append_entry(h, chain, *table, e, rulenum - 1,
--
cgit v1.2.3
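Review bot: The new replace_entry() dereferences `saddr` and `daddr` unconditionally and copies only the first element's `s_addr`, so it depends on the caller having resolved exactly one source and one target address before CMD_REPLACE is dispatched. That guarantee is not visible in this patch; if do_commandarp() can reach the call with `saddrs` or `daddrs` unset, this is a NULL dereference in a tool that normally runs as root. Either guard it at the top of the function, e.g. `if (!saddr || !daddr) xtables_error(PARAMETER_PROBLEM, "Replacement rule does not specify a unique address");`, or document the precondition with a comment such as `/* caller guarantees exactly one saddr/daddr for CMD_REPLACE */`.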
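Review bot: In the CMD_REPLACE case of do_commandarp(), the new call passes the nft handle last, while the adjacent CMD_INSERT call to append_entry() passes `h` first. Consider giving the two helpers parallel signatures and calling `ret = replace_entry(h, chain, *table, e, rulenum - 1, saddrs, daddrs, options&OPT_VERBOSE);` to make argument mix-ups harder. Separately, replace_entry() writes through `e`, which the function's opening lines declare as `*e = NULL`; whether it is always assigned before this switch cannot be checked here, because the body of do_commandarp() lies largely outside the hunk.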