NFPROTO_ARP = 3 in kernel space.
We need the same value here in userspace in order to correctly communicate
with the kernel.
The failure solved by this patch made that {XML|JSON}-parsed tables of ARP
family unable to be directly injected into kernel.
To prevent future errors, this patch changes raw and AF_* values by the mathing
NFPROTO_* couterpart as seen in linux/netfilter.h in both functions:
* nft_family2str()
* nft_str2family()
Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@xxxxxxxxx>
---
src/utils.c | 20 ++++++++++----------
1 file changed, 10 insertions(+), 10 deletions(-)
diff --git a/src/utils.c b/src/utils.c
index d70fbf1..d70d073 100644
--- a/src/utils.c
+++ b/src/utils.c
@@ -23,15 +23,15 @@
const char *nft_family2str(uint32_t family)
{
switch (family) {
- case AF_INET:
+ case NFPROTO_IPV4:
return "ip";
- case AF_INET6:
+ case NFPROTO_IPV6:
return "ip6";
- case 1:
+ case NFPROTO_INET:
return "inet";
- case AF_BRIDGE:
+ case NFPROTO_BRIDGE:
return "bridge";
- case 3: /* NFPROTO_ARP */
+ case NFPROTO_ARP:
return "arp";
default:
return "unknown";
@@ -41,15 +41,15 @@ const char *nft_family2str(uint32_t family)
int nft_str2family(const char *family)
{
if (strcmp(family, "ip") == 0)
- return AF_INET;
+ return NFPROTO_IPV4;
else if (strcmp(family, "ip6") == 0)
- return AF_INET6;
+ return NFPROTO_IPV6;
else if (strcmp(family, "inet") == 0)
- return 1;
+ return NFPROTO_INET;
else if (strcmp(family, "bridge") == 0)
- return AF_BRIDGE;
+ return NFPROTO_BRIDGE;
else if (strcmp(family, "arp") == 0)
- return 0;
+ return NFPROTO_ARP;
errno = EAFNOSUPPORT;
return -1;
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
