On Fri, Nov 03, 2023 at 05:35:19PM +0100, Florian Westphal wrote: > Phil Sutter <phil@xxxxxx> wrote: > > Indeed, I broke the checks for ARPT_INV_ARPHLN in there. That needs a > > fix either way. > > > > The ARPT_INV_* defines are part of UAPI. They can't be removed without > > breaking (or also converting?) legacy arptables. > > Its just a cached header. Ah, you mean dropping them locally just to prevent reuse. Yeah, why not. > > Either way, we're > > breaking third-party arptables DSOs using them. Right now, they are only > > broken with arptables-nft. No idea if such DSOs exist, but if > > compatibility is to be taken seriously, there's no way around reverting > > above commit (and reintroducing do_commandarp() or at least a wrapper > > around the shared do_parse()). > > arptables-legacy doesn't support runtime extension loading. Ah, that's great news! > I'll post a patch to convert libarpt_mangle.c. Cool, thanks!
