On Fri, Nov 03, 2023 at 11:23:23AM +0100, Florian Westphal wrote:
> These values are not always interchangeable, e.g.:
>
> define IPT_INV_SRCDEVADDR 0x0080
> but:
> define ARPT_INV_SRCDEVADDR 0x0010
>
> as these flags can be tested by libarp_foo.so such
> checks can yield incorrect results.
Hmm. This is a partial revert of 44457c0805905 ("xtables-arp: Don't use
ARPT_INV_*") and therefore very likely incomplete - e.g. it does not
reinstate ipt_to_arpt_flags() which was used in nft_arp_parse_meta().
Above commit introduced IPT_INV_SRCDEVADDR in the first place, iptables
does not make use of it.
A revert of that commit requires a thorough review of later changes in
arptables code as it may have allowed for some code-sharing which is no
longer possible then. So please hold back with this a bit, I'll check if
any follow-ups are required.
Thanks, Phil
