From f38ed1e59f8d3b62e322563401cabc6dbac5fca5 Mon Sep 17 00:00:00 2001
From: Florian Westphal
Date: Wed, 18 Apr 2018 00:09:05 +0200
Subject: xt-translate: quote interface names in translated output it its good practice as interface names can be virtually any identifier and could clash with nft keywords.
Signed-off-by: Florian Westphal
---
 extensions/libxt_udp.txlate | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
(limited to 'extensions/libxt_udp.txlate')
diff --git a/extensions/libxt_udp.txlate b/extensions/libxt_udp.txlate
index a9adfcda..fbca5c12 100644
--- a/extensions/libxt_udp.txlate
+++ b/extensions/libxt_udp.txlate
@@ -1,8 +1,8 @@
 iptables-translate -A INPUT -p udp -i eth0 --sport 53 -j ACCEPT
-nft add rule ip filter INPUT iifname eth0 udp sport 53 counter accept
+nft add rule ip filter INPUT iifname "eth0" udp sport 53 counter accept
 
 iptables-translate -A OUTPUT -p udp -o eth0 --dport 53:66 -j DROP
-nft add rule ip filter OUTPUT oifname eth0 udp dport 53-66 counter drop
+nft add rule ip filter OUTPUT oifname "eth0" udp dport 53-66 counter drop
 
 iptables-translate -I OUTPUT -p udp -d 8.8.8.8 -j ACCEPT
 nft insert rule ip filter OUTPUT ip protocol udp ip daddr 8.8.8.8 counter accept
--
cgit v1.2.3
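Review bot: Both updated expectations still use the plain name `eth0`, so nothing in this fixture exercises the case the commit message gives as the reason for quoting, an interface name that collides with an nft keyword. Consider adding a pair such as `iptables-translate -A INPUT -p udp -i accept --sport 53 -j ACCEPT` / `nft add rule ip filter INPUT iifname "accept" udp sport 53 counter accept`; the expected output is inferred from the pattern of the existing lines and should be confirmed by running the translator. How the quoting code treats a name that itself contains a `"` is not visible from this file, and it is worth checking where the quotes are emitted, because a translated ruleset that fails to load or parses differently from the original leaves a gap in the filtering policy.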