]> git.ipfire.org Git - thirdparty/iptables.git/commit
projects / thirdparty / iptables.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c9d41ce) | patch
nft: check for unknown meta keys
authorFlorian Westphal <fw@strlen.de>
Fri, 18 Nov 2022 14:20:32 +0000 (15:20 +0100)
committerFlorian Westphal <fw@strlen.de>
Wed, 23 Nov 2022 08:19:01 +0000 (09:19 +0100)
commit25883ce88bfba087ef142cb909d59dbbc1818b32
tree06d7347a6239f9ef36aa6653df685264d03da5fctree | snapshot
parentc9d41cefbe6eafb4a6b12c69fc1fa54b716d6c99commit | diff
nft: check for unknown meta keys

Set ->errmsg when the meta key isn't supported by iptables-nft instead
of pretending everything is fine.

The old code is good enough to handle rules added by iptables-nft, but
its not enough to handle rules added by native nft.

At least make sure that there is a an error message telling that
iptables-nft could not decode the entire ruleset.

Signed-off-by: Florian Westphal <fw@strlen.de>
iptables/nft-arp.c diff | blob | blame | history
iptables/nft-bridge.c diff | blob | blame | history
iptables/nft-ipv4.c diff | blob | blame | history
iptables/nft-ipv6.c diff | blob | blame | history
Mirror of git://git.netfilter.org/iptables