[iptables PATCH 0/7] Small ebtables-translate review + extras

The initial goal was to fix the apparent problem of ebtables-translate
printing the 'counter' statement in the wrong position, namely after the
verdict. Turns out this happened when targets were used "implicitly",
i.e. without requesting them via '-j'. Since ebtables-nft loaded all
extensions (including targets) upfront, a syntax like:

| # ebtables-nft -A FORWARD --mark-set 1

was accepted and valid. The 'mark' target in this case was added to
iptables_command_state's 'match_list' as if it was a watcher.

Legacy ebtables does not allow this syntax; also, it becomes hard for
users to realize why two targets can't be used in the same rule. So
reject this (in patch 2) and implicitly fix the case of the 'counter'
statement in the wrong position.

Fixing the above caused some fallout: Patch 1 fixes error reporting of
unknown arguments (or missing mandatory parameters) in all tools, patch
7 extends xlate-test.py to conveniently run for all libebt_*.txlate
files (for instance).

The remaining patches 3 to 6 contain cleanups of xtables-eb-translate.c
in comparison to xtables-eb.c, also kind of preparing for a merge of the
two largely identical parsers (at least).

Phil Sutter (7):
  Proper fix for "unknown argument" error message
  ebtables: Refuse unselected targets' options
  ebtables-translate: Drop exec_style
  ebtables-translate: Use OPT_* from xshared.h
  ebtables-translate: Ignore '-j CONTINUE'
  ebtables-translate: Print flush command after parsing is finished
  tests: xlate: Support testing multiple individual files

 extensions/libebt_dnat.txlate                 | 12 ++--
 extensions/libebt_log.c                       |  1 +
 extensions/libebt_mark.txlate                 | 16 ++---
 extensions/libebt_nflog.c                     |  1 +
 extensions/libebt_snat.txlate                 |  8 +--
 include/xtables.h                             |  1 +
 .../ebtables/0002-ebtables-save-restore_0     |  4 +-
 .../testcases/iptables/0009-unknown-arg_0     | 31 ++++++++++
 iptables/xshared.c                            |  9 ++-
 iptables/xtables-eb-translate.c               | 61 +++++++------------
 iptables/xtables-eb.c                         | 46 +++++++-------
 xlate-test.py                                 | 21 ++++---
 12 files changed, 115 insertions(+), 96 deletions(-)
 create mode 100755 iptables/tests/shell/testcases/iptables/0009-unknown-arg_0

-- 
2.38.0



