Drop the local reimplementation. It was barely different enough to
be buggy:
| % ebtables-nft -A foo -o eth0 -j ACCEPT
| % xtables-nft-multi ebtables-translate -A foo -o eth0 -j ACCEPT
| ebtables-translate v1.8.5 (nf_tables): Use -o only in OUTPUT, FORWARD and POSTROUTING chains
| Try `ebtables-translate -h' or 'ebtables-translate --help' for more information.
With this change, output is as expected:
| % xtables-nft-multi ebtables-translate -A foo -o eth0 -j ACCEPT
| nft add rule bridge filter foo oifname "eth0" counter accept
This is roughly the same issue fixed in commit
e1ccd979e6849 ("ebtables:
fix over-eager -o checks on custom chains").
Signed-off-by: Phil Sutter <phil@nwl.cc>
return rule_nr;
}
-static int get_current_chain(const char *chain)
-{
- if (strcmp(chain, "PREROUTING") == 0)
- return NF_BR_PRE_ROUTING;
- else if (strcmp(chain, "INPUT") == 0)
- return NF_BR_LOCAL_IN;
- else if (strcmp(chain, "FORWARD") == 0)
- return NF_BR_FORWARD;
- else if (strcmp(chain, "OUTPUT") == 0)
- return NF_BR_LOCAL_OUT;
- else if (strcmp(chain, "POSTROUTING") == 0)
- return NF_BR_POST_ROUTING;
-
- return -1;
-}
-
/*
* The original ebtables parser
*/
"Multiple commands are not allowed");
command = c;
chain = optarg;
- selected_chain = get_current_chain(chain);
+ selected_chain = ebt_get_current_chain(chain);
p.chain = chain;
flags |= OPT_COMMAND;
projects / thirdparty / iptables.git / commitdiff
