From 63c3dae305cf27cabe5577da5599ddc26f4af36c Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Mon, 6 Aug 2018 17:21:57 +0200 Subject: xtables: Implement arptables-{save,restore} This adds C implementations for arptables-save and -restore in compat layer based on the two perl scripts in legacy arptables repository. To share common code, introduce nft_init_arp() analogous to nft_init_eb() introduced earlier. Signed-off-by: Phil Sutter Signed-off-by: Florian Westphal --- iptables/xtables-arp.c | 39 ++++++++++++++++++++++++++++++--------- 1 file changed, 30 insertions(+), 9 deletions(-) (limited to 'iptables/xtables-arp.c') diff --git a/iptables/xtables-arp.c b/iptables/xtables-arp.c index 62282f42..a457ea30 100644 --- a/iptables/xtables-arp.c +++ b/iptables/xtables-arp.c @@ -928,7 +928,36 @@ delete_entry(const char *chain, return ret; } -int do_commandarp(struct nft_handle *h, int argc, char *argv[], char **table) +int nft_init_arp(struct nft_handle *h, const char *pname) +{ + arptables_globals.program_name = pname; + if (xtables_init_all(&arptables_globals, NFPROTO_ARP) < 0) { + fprintf(stderr, "%s/%s Failed to initialize arptables-compat\n", + arptables_globals.program_name, + arptables_globals.program_version); + exit(1); + } + +#if defined(ALL_INCLUSIVE) || defined(NO_SHARED_LIBS) + init_extensionsa(); +#endif + + memset(h, 0, sizeof(*h)); + h->family = NFPROTO_ARP; + + if (nft_init(h, xtables_arp) < 0) + xtables_error(OTHER_PROBLEM, + "Could not initialize nftables layer."); + + h->ops = nft_family_ops_lookup(h->family); + if (h->ops == NULL) + xtables_error(PARAMETER_PROBLEM, "Unknown family"); + + return 0; +} + +int do_commandarp(struct nft_handle *h, int argc, char *argv[], char **table, + bool restore) { struct iptables_command_state cs = { .jumpto = "", @@ -1356,14 +1385,6 @@ int do_commandarp(struct nft_handle *h, int argc, char *argv[], char **table) "chain name `%s' too long (must be under %i chars)", chain, ARPT_FUNCTION_MAXNAMELEN); - if (nft_init(h, xtables_arp) < 0) - xtables_error(OTHER_PROBLEM, - "Could not initialize nftables layer."); - - h->ops = nft_family_ops_lookup(h->family); - if (h->ops == NULL) - xtables_error(PARAMETER_PROBLEM, "Unknown family"); - if (command == CMD_APPEND || command == CMD_DELETE || command == CMD_INSERT -- cgit v1.2.3