From: Phil Sutter <phil@nwl.cc>
Date: Thu, 16 Nov 2023 16:03:10 +0000 (+0100)
Subject: xshared: Drop pointless CMD_REPLACE check
X-Git-Tag: v1.8.11~163
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=267f83f5e1b3fb5b82973c154c8b445701be0a58;p=thirdparty%2Fiptables.git

xshared: Drop pointless CMD_REPLACE check

All current users set default source and destination addresses in their
post_parse callbacks, so legacy variants are safe and nft variants don't
have this restriction anyway.

Signed-off-by: Phil Sutter <phil@nwl.cc>
---

diff --git a/iptables/xshared.c b/iptables/xshared.c
index 53e72b7a..c4d7a266 100644
--- a/iptables/xshared.c
+++ b/iptables/xshared.c
@@ -1836,11 +1836,6 @@ void do_parse(int argc, char *argv[],
 	if (p->ops->post_parse)
 		p->ops->post_parse(p->command, cs, args);
 
-	if (p->command == CMD_REPLACE &&
-	    (args->s.naddrs != 1 || args->d.naddrs != 1))
-		xtables_error(PARAMETER_PROBLEM, "Replacement rule does not "
-			   "specify a unique address");
-
 	generic_opt_check(p->command, cs->options);
 
 	if (p->chain != NULL && strlen(p->chain) >= XT_EXTENSION_MAXNAMELEN)