arptables: Fix --proto-type mask formatting

Arptables accepts numeric --proto-type values and masks in any numeral
system identified by (absence of) prefix. Yet it prints the mask value
in hex without '0x'-prefix, breaking save and restore the same way
numeric --h-type output did.

In theory, this could be fixed either by adding the missing prefix or
printing the mask in decimal (like most other builtin matches do), but
since the value is printed in hex with prefix already, align mask output
with that.

Also a day 1 bug and consistent with legacy, so no Fixes: tag here as
well.

Signed-off-by: Phil Sutter <phil@nwl.cc>
Acked-by: Florian Westphal <fw@strlen.de>

diff --git a/extensions/libarpt_standard.t b/extensions/libarpt_standard.t
index a2b0a36a4a6bfd3aba0fe2d59c4e11240af668fb..b9a3560660372cd1dbe042e48752c574e20ceb51 100644 (file)
--- a/extensions/libarpt_standard.t
+++ b/extensions/libarpt_standard.t
@@ -16,3 +16,7 @@
 --src-mac ! 01:02:03:04:05:06 --dst-mac ! 07:08:09:0A:0B:0C --h-length ! 6 --opcode ! Request --h-type ! Ethernet --proto-type ! ipv4;! --src-mac 01:02:03:04:05:06 ! --dst-mac 07:08:09:0a:0b:0c ! --h-length 6 ! --opcode 1 ! --h-type 0x1 ! --proto-type 0x800;OK
 --h-type 10;--h-type 0x10;OK
 --h-type 0x10;=;OK
+--proto-type 10;--proto-type 0xa;OK
+--proto-type 10/10;--proto-type 0xa/0xa;OK
+--proto-type 0x10;=;OK
+--proto-type 0x10/0x10;=;OK

diff --git a/iptables/nft-arp.c b/iptables/nft-arp.c
index 83aec5003004ecb291a3bf7eb70048a6637bc6f0..38b2ab399312847c35d03749bb37d754ae7465c2 100644 (file)
--- a/iptables/nft-arp.c
+++ b/iptables/nft-arp.c
@@ -339,7 +339,7 @@ after_devdst:
                else
                        printf("--proto-type 0x%x", tmp);
                if (fw->arp.arpro_mask != 65535)
-                       printf("/%x", ntohs(fw->arp.arpro_mask));
+                       printf("/0x%x", ntohs(fw->arp.arpro_mask));
                sep = " ";
        }
 }