Unfortunately no nft translation available so far.
Signed-off-by: Florian Westphal <fw@xxxxxxxxx>
---
extensions/libebt_arpreply.c | 106 +++++++++++++++++++++++++++++++++++
extensions/libebt_arpreply.t | 4 ++
iptables/xtables-eb.c | 1 +
3 files changed, 111 insertions(+)
create mode 100644 extensions/libebt_arpreply.c
create mode 100644 extensions/libebt_arpreply.t
diff --git a/extensions/libebt_arpreply.c b/extensions/libebt_arpreply.c
new file mode 100644
index 000000000000..998dece33921
--- /dev/null
+++ b/extensions/libebt_arpreply.c
@@ -0,0 +1,106 @@
+/* ebt_arpreply
+ *
+ * Authors:
+ * Grzegorz Borowiak <grzes@xxxxxxxxxxxxxxx>
+ * Bart De Schuymer <bdschuym@xxxxxxxxxx>
+ *
+ * August, 2003
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <getopt.h>
+#include <xtables.h>
+#include <netinet/ether.h>
+#include <linux/netfilter_bridge/ebt_arpreply.h>
+#include "iptables/nft.h"
+#include "iptables/nft-bridge.h"
+
+#define OPT_REPLY_MAC 0x01
+#define OPT_REPLY_TARGET 0x02
+
+#define REPLY_MAC '1'
+#define REPLY_TARGET '2'
+static const struct option brarpreply_opts[] = {
+ { "arpreply-mac" , required_argument, 0, REPLY_MAC },
+ { "arpreply-target" , required_argument, 0, REPLY_TARGET },
+ XT_GETOPT_TABLEEND,
+};
+
+static void brarpreply_print_help(void)
+{
+ printf(
+ "arpreply target options:\n"
+ " --arpreply-mac address : source MAC of generated reply\n"
+ " --arpreply-target target : ACCEPT, DROP, RETURN or CONTINUE\n"
+ " (standard target is DROP)\n");
+}
+
+static void brarpreply_init(struct xt_entry_target *target)
+{
+ struct ebt_arpreply_info *replyinfo = (void *)target->data;
+
+ replyinfo->target = EBT_DROP;
+}
+
+static int
+brarpreply_parse(int c, char **argv, int invert, unsigned int *flags,
+ const void *entry, struct xt_entry_target **tg)
+
+{
+ struct ebt_arpreply_info *replyinfo = (void *)(*tg)->data;
+ struct ether_addr *addr;
+
+ switch (c) {
+ case REPLY_MAC:
+ EBT_CHECK_OPTION(flags, OPT_REPLY_MAC);
+ if (!(addr = ether_aton(optarg)))
+ xtables_error(PARAMETER_PROBLEM, "Problem with specified --arpreply-mac mac");
+ memcpy(replyinfo->mac, addr, ETH_ALEN);
+ break;
+ case REPLY_TARGET:
+ EBT_CHECK_OPTION(flags, OPT_REPLY_TARGET);
+ if (ebt_fill_target(optarg, (unsigned int *)&replyinfo->target))
+ xtables_error(PARAMETER_PROBLEM, "Illegal --arpreply-target target");
+ break;
+
+ default:
+ return 0;
+ }
+ return 1;
+}
+
+static void ebt_print_mac(const unsigned char *mac)
+{
+ printf("%s", ether_ntoa((struct ether_addr *) mac));
+}
+
+static void brarpreply_print(const void *ip, const struct xt_entry_target *t, int numeric)
+{
+ struct ebt_arpreply_info *replyinfo = (void *)t->data;
+
+ printf("--arpreply-mac ");
+ ebt_print_mac(replyinfo->mac);
+ if (replyinfo->target == EBT_DROP)
+ return;
+ printf(" --arpreply-target %s", ebt_target_name(replyinfo->target));
+}
+
+static struct xtables_target arpreply_target = {
+ .name = "arpreply",
+ .version = XTABLES_VERSION,
+ .family = NFPROTO_BRIDGE,
+ .init = brarpreply_init,
+ .size = XT_ALIGN(sizeof(struct ebt_arpreply_info)),
+ .userspacesize = XT_ALIGN(sizeof(struct ebt_arpreply_info)),
+ .help = brarpreply_print_help,
+ .parse = brarpreply_parse,
+ .print = brarpreply_print,
+ .extra_opts = brarpreply_opts,
+};
+
+void _init(void)
+{
+ xtables_register_target(&arpreply_target);
+}
diff --git a/extensions/libebt_arpreply.t b/extensions/libebt_arpreply.t
new file mode 100644
index 000000000000..f7bc85f9cd34
--- /dev/null
+++ b/extensions/libebt_arpreply.t
@@ -0,0 +1,4 @@
+:PREROUTING
+*nat
+-p ARP -i foo -j arpreply --arpreply-mac de:ad:0:be:ee:ff --arpreply-target ACCEPT;=;OK
+-p ARP -i foo -j arpreply --arpreply-mac de:ad:0:be:ee:ff;=;OK
diff --git a/iptables/xtables-eb.c b/iptables/xtables-eb.c
index c36c12e68222..871891442e43 100644
--- a/iptables/xtables-eb.c
+++ b/iptables/xtables-eb.c
@@ -655,6 +655,7 @@ void ebt_load_match_extensions(void)
ebt_load_target("mark");
ebt_load_target("dnat");
ebt_load_target("snat");
+ ebt_load_target("arpreply");
ebt_load_target("redirect");
ebt_load_target("standard");
}
--
2.18.1
