alicelinux

A lightweight musl + clang/llvm + libressl + busybox distro
git clone https://codeberg.org/emmett1/alicelinux
Log | Files | Refs | README | LICENSE

drop-interface-mask-leftovers-from-post-parse-callbacks.patch (2364B)

      1 Url: https://git.netfilter.org/iptables/patch/?id=b3f3e256c263b9a1db49732696aba0dde084ef5e
      2 From b3f3e256c263b9a1db49732696aba0dde084ef5e Mon Sep 17 00:00:00 2001
      3 From: Phil Sutter <phil@nwl.cc>
      4 Date: Fri, 15 Nov 2024 19:55:32 +0100
      5 Subject: nft: Drop interface mask leftovers from post_parse callbacks
      6 
      7 Fixed commit only adjusted the IPv4-specific callback for unclear
      8 reasons.
      9 
     10 Fixes: fe70364b36119 ("xshared: Do not populate interface masks per default")
     11 Signed-off-by: Phil Sutter <phil@nwl.cc>
     12 Reviewed-by: Jeremy Sowden <jeremy@azazel.net>
     13 ---
     14  iptables/nft-arp.c | 3 ---
     15  iptables/xshared.c | 5 -----
     16  iptables/xshared.h | 1 -
     17  3 files changed, 9 deletions(-)
     18 
     19 diff --git a/iptables/nft-arp.c b/iptables/nft-arp.c
     20 index c11d64c3..fa2dd558 100644
     21 --- a/iptables/nft-arp.c
     22 +++ b/iptables/nft-arp.c
     23 @@ -459,10 +459,7 @@ static void nft_arp_post_parse(int command,
     24  	cs->arp.arp.invflags = args->invflags;
     25  
     26  	memcpy(cs->arp.arp.iniface, args->iniface, IFNAMSIZ);
     27 -	memcpy(cs->arp.arp.iniface_mask, args->iniface_mask, IFNAMSIZ);
     28 -
     29  	memcpy(cs->arp.arp.outiface, args->outiface, IFNAMSIZ);
     30 -	memcpy(cs->arp.arp.outiface_mask, args->outiface_mask, IFNAMSIZ);
     31  
     32  	cs->arp.counters.pcnt = args->pcnt_cnt;
     33  	cs->arp.counters.bcnt = args->bcnt_cnt;
     34 diff --git a/iptables/xshared.c b/iptables/xshared.c
     35 index 2a5eef09..2f663f97 100644
     36 --- a/iptables/xshared.c
     37 +++ b/iptables/xshared.c
     38 @@ -2104,12 +2104,7 @@ void ipv6_post_parse(int command, struct iptables_command_state *cs,
     39  	cs->fw6.ipv6.invflags = args->invflags;
     40  
     41  	memcpy(cs->fw6.ipv6.iniface, args->iniface, IFNAMSIZ);
     42 -	memcpy(cs->fw6.ipv6.iniface_mask,
     43 -	       args->iniface_mask, IFNAMSIZ*sizeof(unsigned char));
     44 -
     45  	memcpy(cs->fw6.ipv6.outiface, args->outiface, IFNAMSIZ);
     46 -	memcpy(cs->fw6.ipv6.outiface_mask,
     47 -	       args->outiface_mask, IFNAMSIZ*sizeof(unsigned char));
     48  
     49  	if (args->goto_set)
     50  		cs->fw6.ipv6.flags |= IP6T_F_GOTO;
     51 diff --git a/iptables/xshared.h b/iptables/xshared.h
     52 index a111e797..af756738 100644
     53 --- a/iptables/xshared.h
     54 +++ b/iptables/xshared.h
     55 @@ -262,7 +262,6 @@ struct xtables_args {
     56  	uint8_t		flags;
     57  	uint16_t	invflags;
     58  	char		iniface[IFNAMSIZ], outiface[IFNAMSIZ];
     59 -	unsigned char	iniface_mask[IFNAMSIZ], outiface_mask[IFNAMSIZ];
     60  	char		bri_iniface[IFNAMSIZ], bri_outiface[IFNAMSIZ];
     61  	bool		goto_set;
     62  	const char	*shostnetworkmask, *dhostnetworkmask;
     63 -- 
     64 cgit v1.2.3
     65