This is a temporary workaround mechanism until variable interface hardware
address length can be handled through nftables.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@xxxxxxxxxxxxxxx>
---
iptables/xtables-arp.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/iptables/xtables-arp.c b/iptables/xtables-arp.c
index 18f285c..5ab0fb4 100644
--- a/iptables/xtables-arp.c
+++ b/iptables/xtables-arp.c
@@ -1145,6 +1145,13 @@ int do_commandarp(struct nft_handle *h, int argc, char *argv[], char **table)
invert);
getlength_and_mask(argv[optind - 1], &fw.arp.arhln,
&fw.arp.arhln_mask);
+
+ if (fw.arp.arhln != 6) {
+ xtables_error(PARAMETER_PROBLEM,
+ "Only harware address length of"
+ " 6 is supported currently.");
+ }
+
break;
case 8:/* protocol length */
--
1.8.4.2
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
