arptables-nft: Set h-type/h-length masks by default, too

These masks are not used in nftables backend, but mangle extension
checks arhln_mask value to make sure --h-length was given (which is
implicitly the case).

Fixes: 5aecb2d8bfdda ("arptables: pre-init hlen and ethertype")
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Florian Westphal <fw@strlen.de>

diff --git a/iptables/xtables-arp.c b/iptables/xtables-arp.c
index 57e717fa901a1187bd9ec6b154e2999b96e7b408..4b663775c5bee110d4d906044ec639b5f8b41d39 100644 (file)
--- a/iptables/xtables-arp.c
+++ b/iptables/xtables-arp.c
@@ -910,8 +910,12 @@ int do_commandarp(struct nft_handle *h, int argc, char *argv[], char **table,
 {
        struct iptables_command_state cs = {
                .jumpto = "",
-               .arp.arp.arhln = 6,
-               .arp.arp.arhrd = htons(ARPHRD_ETHER),
+               .arp.arp = {
+                       .arhln = 6,
+                       .arhln_mask = 255,
+                       .arhrd = htons(ARPHRD_ETHER),
+                       .arhrd_mask = 65535,
+               },
        };
        int invert = 0;
        unsigned int nsaddrs = 0, ndaddrs = 0;