Phil Sutter <phil@xxxxxx> wrote: > Indeed, I broke the checks for ARPT_INV_ARPHLN in there. That needs a > fix either way. > > The ARPT_INV_* defines are part of UAPI. They can't be removed without > breaking (or also converting?) legacy arptables. Its just a cached header. > Either way, we're > breaking third-party arptables DSOs using them. Right now, they are only > broken with arptables-nft. No idea if such DSOs exist, but if > compatibility is to be taken seriously, there's no way around reverting > above commit (and reintroducing do_commandarp() or at least a wrapper > around the shared do_parse()). arptables-legacy doesn't support runtime extension loading. I'll post a patch to convert libarpt_mangle.c.
