.proto_parse = ipv6_proto_parse,
.post_parse = ipv6_post_parse,
.option_name = ip46t_option_name,
+ .option_invert = ip46t_option_invert,
};
struct xt_cmd_parse p = {
.table = *table,
.proto_parse = ipv4_proto_parse,
.post_parse = ipv4_post_parse,
.option_name = ip46t_option_name,
+ .option_invert = ip46t_option_invert,
};
struct xt_cmd_parse p = {
.table = *table,
}
}
+static int nft_arp_option_invert(int option)
+{
+ switch (option) {
+ case OPT_S_MAC: return IPT_INV_SRCDEVADDR;
+ case OPT_D_MAC: return IPT_INV_TGTDEVADDR;
+ case OPT_H_LENGTH: return IPT_INV_ARPHLN;
+ case OPT_OPCODE: return IPT_INV_ARPOP;
+ case OPT_H_TYPE: return IPT_INV_ARPHRD;
+ case OPT_P_TYPE: return IPT_INV_PROTO;
+ default: return ip46t_option_invert(option);
+ }
+}
+
struct nft_family_ops nft_family_ops_arp = {
.add = nft_arp_add,
.is_same = nft_arp_is_same,
.cmd_parse = {
.post_parse = nft_arp_post_parse,
.option_name = nft_arp_option_name,
+ .option_invert = nft_arp_option_invert,
},
.rule_to_cs = nft_rule_to_iptables_command_state,
.init_cs = nft_arp_init_cs,
.proto_parse = ipv4_proto_parse,
.post_parse = ipv4_post_parse,
.option_name = ip46t_option_name,
+ .option_invert = ip46t_option_invert,
},
.rule_to_cs = nft_rule_to_iptables_command_state,
.clear_cs = xtables_clear_iptables_command_state,
.proto_parse = ipv6_proto_parse,
.post_parse = ipv6_post_parse,
.option_name = ip46t_option_name,
+ .option_invert = ip46t_option_invert,
},
.rule_to_cs = nft_rule_to_iptables_command_state,
.clear_cs = xtables_clear_iptables_command_state,
}
}
-static const int inverse_for_options[NUMBER_OF_OPT] =
+int ip46t_option_invert(int option)
{
-/* -n */ 0,
-/* -s */ IPT_INV_SRCIP,
-/* -d */ IPT_INV_DSTIP,
-/* -p */ XT_INV_PROTO,
-/* -j */ 0,
-/* -v */ 0,
-/* -x */ 0,
-/* -i */ IPT_INV_VIA_IN,
-/* -o */ IPT_INV_VIA_OUT,
-/*--line*/ 0,
-/* -c */ 0,
-/* -f */ IPT_INV_FRAG,
-/* 2 */ IPT_INV_SRCDEVADDR,
-/* 3 */ IPT_INV_TGTDEVADDR,
-/* -l */ IPT_INV_ARPHLN,
-/* 4 */ IPT_INV_ARPOP,
-/* 5 */ IPT_INV_ARPHRD,
-/* 6 */ IPT_INV_PROTO,
-};
+ switch (option) {
+ case OPT_SOURCE: return IPT_INV_SRCIP;
+ case OPT_DESTINATION: return IPT_INV_DSTIP;
+ case OPT_PROTOCOL: return XT_INV_PROTO;
+ case OPT_VIANAMEIN: return IPT_INV_VIA_IN;
+ case OPT_VIANAMEOUT: return IPT_INV_VIA_OUT;
+ case OPT_FRAGMENT: return IPT_INV_FRAG;
+ default: return -1;
+ }
+}
static void
set_option(struct xt_cmd_parse_ops *ops,
*options |= option;
if (invert) {
- unsigned int i;
- for (i = 0; 1 << i != option; i++);
+ int invopt = ops->option_invert(option);
- if (!inverse_for_options[i])
+ if (invopt < 0)
xtables_error(PARAMETER_PROBLEM,
"cannot have ! before %s",
ops->option_name(option));
- *invflg |= inverse_for_options[i];
+ *invflg |= invopt;
}
}
struct iptables_command_state *cs,
struct xtables_args *args);
const char *(*option_name)(int option);
+ int (*option_invert)(int option);
};
struct xt_cmd_parse {
};
const char *ip46t_option_name(int option);
+int ip46t_option_invert(int option);
void do_parse(int argc, char *argv[],
struct xt_cmd_parse *p, struct iptables_command_state *cs,
projects / thirdparty / iptables.git / commitdiff
