From 07f4ca96816886635acfb9478b2d04929938eb78 Mon Sep 17 00:00:00 2001 From: Florian Westphal Date: Tue, 8 May 2018 16:31:29 +0200 Subject: xtables-compat: ebtables: allow checking for zero-mac Allow checking for an all-zero mac address by replacing checks on the address with a check on the option flag. Its set when '-d' or '-s' appears on the command line and when seeing a linklayer payload request for ether s/daddr. Same for -p: s this flag gets removed during getopt when 'p' is encountered. So, if its set, no need to check protocol type. Signed-off-by: Florian Westphal --- iptables/xtables-eb.c | 1 + 1 file changed, 1 insertion(+) (limited to 'iptables/xtables-eb.c') diff --git a/iptables/xtables-eb.c b/iptables/xtables-eb.c index 5f8f0fb5..ba26aca1 100644 --- a/iptables/xtables-eb.c +++ b/iptables/xtables-eb.c @@ -790,6 +790,7 @@ int do_commandeb(struct nft_handle *h, int argc, char *argv[], char **table) /* prevent getopt to spoil our error reporting */ opterr = false; + cs.eb.bitmask = EBT_NOPROTO; /* Getopt saves the day */ while ((c = getopt_long(argc, argv, -- cgit v1.2.3