Legacy arptables accepts but ignores the flag. Yet there are remains of the functionality in sources, like OPT_EXPANDED define and a print_num() function which acts on FMT_KILOMEGAGIGA flag being set or not. So instead of mimicking legacy behaviour by explicitly ignoring -x flag for arptables, just enable the feature for it. Signed-off-by: Phil Sutter <phil@xxxxxx> --- iptables/xshared.c | 3 +++ iptables/xshared.h | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/iptables/xshared.c b/iptables/xshared.c index 9b5e5b5bddc27..76001c51cbcb2 100644 --- a/iptables/xshared.c +++ b/iptables/xshared.c @@ -1685,6 +1685,9 @@ void do_parse(int argc, char *argv[], break; case 'x': + if (args->family == NFPROTO_ARP) + break; /* arptables silently ignores its --exact option */ + set_option(&cs->options, OPT_EXPANDED, &args->invflags, invert); break; diff --git a/iptables/xshared.h b/iptables/xshared.h index f821298839687..2498e32d39e03 100644 --- a/iptables/xshared.h +++ b/iptables/xshared.h @@ -69,7 +69,7 @@ struct xtables_target; #define OPTSTRING_COMMON "-:A:C:D:E:F::I:L::M:N:P:VX::Z::" "c:d:i:j:o:p:s:t:" #define IPT_OPTSTRING OPTSTRING_COMMON "R:S::W::" "46bfg:h::m:nvw::x" -#define ARPT_OPTSTRING OPTSTRING_COMMON "R:S::" "h::l:nv" /* "m:" */ +#define ARPT_OPTSTRING OPTSTRING_COMMON "R:S::" "h::l:nvx" /* "m:" */ #define EBT_OPTSTRING OPTSTRING_COMMON "hv" /* define invflags which won't collide with IPT ones */ -- 2.34.1
