From: Phil Sutter <phil@nwl.cc>
To: Florian Westphal <fw@strlen.de>
Cc: netfilter-devel@vger.kernel.org
Subject: [iptables PATCH 2/3] arptables: Fix --proto-type mask formatting
Date: Wed, 8 Nov 2023 04:31:29 +0100 [thread overview]
Message-ID: <20231108033130.18747-2-phil@nwl.cc> (raw)
In-Reply-To: <20231108033130.18747-1-phil@nwl.cc>
Arptables accepts numeric --proto-type values and masks in any numeral
system identified by (absence of) prefix. Yet it prints the mask value
in hex without '0x'-prefix, breaking save and restore the same way
numeric --h-type output did.
In theory, this could be fixed either by adding the missing prefix or
printing the mask in decimal (like most other builtin matches do), but
since the value is printed in hex with prefix already, align mask output
with that.
Also a day 1 bug and consistent with legacy, so no Fixes: tag here as
well.
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
extensions/libarpt_standard.t | 4 ++++
iptables/nft-arp.c | 2 +-
2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/extensions/libarpt_standard.t b/extensions/libarpt_standard.t
index a2b0a36a4a6bf..b9a3560660372 100644
--- a/extensions/libarpt_standard.t
+++ b/extensions/libarpt_standard.t
@@ -16,3 +16,7 @@
--src-mac ! 01:02:03:04:05:06 --dst-mac ! 07:08:09:0A:0B:0C --h-length ! 6 --opcode ! Request --h-type ! Ethernet --proto-type ! ipv4;! --src-mac 01:02:03:04:05:06 ! --dst-mac 07:08:09:0a:0b:0c ! --h-length 6 ! --opcode 1 ! --h-type 0x1 ! --proto-type 0x800;OK
--h-type 10;--h-type 0x10;OK
--h-type 0x10;=;OK
+--proto-type 10;--proto-type 0xa;OK
+--proto-type 10/10;--proto-type 0xa/0xa;OK
+--proto-type 0x10;=;OK
+--proto-type 0x10/0x10;=;OK
diff --git a/iptables/nft-arp.c b/iptables/nft-arp.c
index 83aec5003004e..38b2ab3993128 100644
--- a/iptables/nft-arp.c
+++ b/iptables/nft-arp.c
@@ -339,7 +339,7 @@ static void nft_arp_print_rule_details(const struct iptables_command_state *cs,
else
printf("--proto-type 0x%x", tmp);
if (fw->arp.arpro_mask != 65535)
- printf("/%x", ntohs(fw->arp.arpro_mask));
+ printf("/0x%x", ntohs(fw->arp.arpro_mask));
sep = " ";
}
}
--
2.41.0
next prev parent reply other threads:[~2023-11-08 3:31 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-08 3:31 [iptables PATCH 1/3] arptables: Fix formatting of numeric --h-type output Phil Sutter
2023-11-08 3:31 ` Phil Sutter [this message]
2023-11-08 3:31 ` [iptables PATCH 3/3] extensions: libarpt_standard.t: Add a rule with builtin option masks Phil Sutter
2023-11-08 9:13 ` [iptables PATCH 1/3] arptables: Fix formatting of numeric --h-type output Florian Westphal
2023-11-09 14:56 ` Phil Sutter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20231108033130.18747-2-phil@nwl.cc \
--to=phil@nwl.cc \
--cc=fw@strlen.de \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).