git.ipfire.org Git - thirdparty/iptables.git/commit

author	Phil Sutter <phil@nwl.cc>
	Thu, 13 Feb 2020 16:49:53 +0000 (17:49 +0100)
committer	Phil Sutter <phil@nwl.cc>
	Tue, 18 Feb 2020 16:03:15 +0000 (17:03 +0100)
commit	c33bae9c6c7a49c8af16df846e6112fc4727e643
tree	2e272106667f9ab63f5901c1e244a65707b3d4eb	tree
parent	94488d4eb912f5af4c88d148b39b38eb8a3c1f0b	commit \| diff

ebtables: among: Support mixed MAC and MAC/IP entries

Powered by Stefano's support for concatenated ranges, a full among match
replacement can be implemented. The trick is to add MAC-only elements as
a concatenation of MAC and zero-length prefix, i.e. a range from
0.0.0.0 till 255.255.255.255.

Although not quite needed, detection of pure MAC-only matches is left in
place. For those, no implicit 'meta protocol' match is added (which is
required otherwise at least to keep nft output correct) and no concat
type is used for the set.

Signed-off-by: Phil Sutter <phil@nwl.cc>

extensions/libebt_among.c		diff \| blob \| blame \| history
extensions/libebt_among.t		diff \| blob \| blame \| history
iptables/ebtables-nft.8		diff \| blob \| blame \| history
iptables/nft.c		diff \| blob \| blame \| history