From fe70364b361194f5271661eb15207b10572d3fba Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Sat, 18 Nov 2023 04:28:25 +0100 Subject: xshared: Do not populate interface masks per default These are needed by legacy variants only, so introduce a simplified xtables_parse_interface() replacement which does not deal with them and a small function which sets the mask based on given interface name for use by legacy tools. Signed-off-by: Phil Sutter --- iptables/iptables.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'iptables/iptables.c') diff --git a/iptables/iptables.c b/iptables/iptables.c index ce65c30a..69dd2890 100644 --- a/iptables/iptables.c +++ b/iptables/iptables.c @@ -706,6 +706,9 @@ int do_command4(int argc, char *argv[], char **table, smasks = args.s.mask.v4; dmasks = args.d.mask.v4; + iface_to_mask(cs.fw.ip.iniface, cs.fw.ip.iniface_mask); + iface_to_mask(cs.fw.ip.outiface, cs.fw.ip.outiface_mask); + /* Attempt to acquire the xtables lock */ if (!restore) xtables_lock_or_exit(wait); -- cgit v1.2.3