Patchwork arptables bug.

login
register
mail settings
Submitter Pablo Neira
Date Jan. 7, 2013, 3:24 a.m.
Message ID <20130107032415.GA18563@1984>
Download mbox | patch
Permalink /patch/209849/
State Accepted
Headers show

Comments

Pablo Neira - Jan. 7, 2013, 3:24 a.m.
On Sat, Jan 05, 2013 at 08:56:18PM +0000, Steven Jan Springl wrote:
> Hello
> 
> I am using arptables v0.0.3.4 in Debian Squeeze.
> 
> Issuing command:
> 
> aptables -A INPUT -i eth0 --opcode ! 1 -j DROP
> 
> Then issuing command arptables-save produces the following:
> 
> -A INPUT -j DROP -i eth0  --opcode 1
> 
> The "!" is missing from the opcode.

Patch attached to fix it.

Bart, could you please apply this to your git repo? Thanks.
Bart De Schuymer - Jan. 7, 2013, 8:20 p.m.
Hi Pablo,

I've applied (a slightly different version of) your patch, thanks. I'll 
make a new release somewhere this week.

cheers,
Bart

Op 7/01/2013 4:24, Pablo Neira Ayuso schreef:
> On Sat, Jan 05, 2013 at 08:56:18PM +0000, Steven Jan Springl wrote:
>> Hello
>>
>> I am using arptables v0.0.3.4 in Debian Squeeze.
>>
>> Issuing command:
>>
>> aptables -A INPUT -i eth0 --opcode ! 1 -j DROP
>>
>> Then issuing command arptables-save produces the following:
>>
>> -A INPUT -j DROP -i eth0  --opcode 1
>>
>> The "!" is missing from the opcode.
> Patch attached to fix it.
>
> Bart, could you please apply this to your git repo? Thanks.

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Steven Jan Springl - Jan. 7, 2013, 8:50 p.m.
On Monday 07 Jan 2013 03:24:15 Pablo Neira Ayuso wrote:
> On Sat, Jan 05, 2013 at 08:56:18PM +0000, Steven Jan Springl wrote:
> > Hello
> > 
> > I am using arptables v0.0.3.4 in Debian Squeeze.
> > 
> > Issuing command:
> > 
> > aptables -A INPUT -i eth0 --opcode ! 1 -j DROP
> > 
> > Then issuing command arptables-save produces the following:
> > 
> > -A INPUT -j DROP -i eth0  --opcode 1
> > 
> > The "!" is missing from the opcode.
> 
> Patch attached to fix it.
> 
> Bart, could you please apply this to your git repo? Thanks.

Pablo

I can confirm that the patch corrects the bug.

Thanks.

Steven.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Patch

From b83962f7ad5b65468d6e1ce099e970afd336c3b1 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Mon, 7 Jan 2013 04:14:22 +0100
Subject: [PATCH] arptables: fix ! --opcode 1 in -L -n output

The imbalance in the array is likely to fix the negation of:

--h-type, --proto-type, -i and -o.
---
 userspace/arptables/arptables.c |    1 +
 1 file changed, 1 insertion(+)

diff --git a/userspace/arptables/arptables.c b/userspace/arptables/arptables.c
index 2f048c7..29ccd22 100644
--- a/userspace/arptables/arptables.c
+++ b/userspace/arptables/arptables.c
@@ -204,6 +204,7 @@  static int inverse_for_options[NUMBER_OF_OPT] =
 /* 2 */ ARPT_INV_SRCDEVADDR,
 /* 3 */ ARPT_INV_TGTDEVADDR,
 /* -l */ ARPT_INV_ARPHLN,
+	0,
 /* 4 */ ARPT_INV_ARPOP,
 /* 5 */ ARPT_INV_ARPHRD,
 /* 6 */ ARPT_INV_ARPPRO,
-- 
1.7.10.4