git.ipfire.org Git - thirdparty/iptables.git/commit

author	Florian Westphal <fw@strlen.de>
	Tue, 10 Sep 2019 21:10:59 +0000 (23:10 +0200)
committer	Florian Westphal <fw@strlen.de>
	Thu, 12 Sep 2019 11:05:53 +0000 (13:05 +0200)
commit	e1ccd979e6849748578fad76475c688bdd16df0d
tree	7095715be883c464eb23ba496ce987120bc12269	tree
parent	8934ced112e9cbe03072f50df0975fe6840f14b3	commit \| diff

ebtables: fix over-eager -o checks on custom chains

Arturo reports ebtables-nft reports an error when -o is
used in custom chains:

-A MYCHAIN -o someif
makes ebtables-nft exit with an error:
"Use -o only in OUTPUT, FORWARD and POSTROUTING chains."

Problem is that all the "-o" checks expect <= NF_BR_POST_ROUTING
to mean "builtin", so -1 mistakenly leads to the checks being active.

Reported-by: Arturo Borrero Gonzalez <arturo@netfilter.org>
Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1347
Signed-off-by: Florian Westphal <fw@strlen.de>

extensions/libebt_standard.t		diff \| blob \| blame \| history
iptables/tests/shell/testcases/ebtables/0005-ifnamechecks_0	[new file with mode: 0755]	blob
iptables/xtables-eb.c		diff \| blob \| blame \| history