Message ID | 1395658786-3862-1-git-send-email-giuseppelng@gmail.com |
---|---|
State | Accepted |
Headers | show |
On Mon, Mar 24, 2014 at 11:59:46AM +0100, Giuseppe Longo wrote: > Since the family declaration has been modified in libnftnl, > from commit 3cd9cd06625f8181c713489cec2c1ce6722a7e16 > the assertion is failed for {ip,ip6,arp}tables-compat > when printing rules. > > iptables-compat -L > Chain INPUT (policy ACCEPT) > target prot opt source destination > libnftnl: attribute 0 assertion failed in rule.c:273 > > ip6tables-compat -L > Chain INPUT (policy ACCEPT) > target prot opt source destination > libnftnl: attribute 0 assertion failed in rule.c:273 > > arptables-compat -L > Chain INPUT (policy ACCEPT) > target prot opt source destination > libnftnl: attribute 0 assertion failed in rule.c:273 Applied, thanks Giuseppe. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/iptables/nft-arp.c b/iptables/nft-arp.c index a494ee6..5d44caf 100644 --- a/iptables/nft-arp.c +++ b/iptables/nft-arp.c @@ -369,7 +369,7 @@ void nft_rule_to_arpt_entry(struct nft_rule *r, struct arpt_entry *fw) { struct nft_rule_expr_iter *iter; struct nft_rule_expr *expr; - int family = nft_rule_attr_get_u8(r, NFT_RULE_ATTR_FAMILY); + int family = nft_rule_attr_get_u32(r, NFT_RULE_ATTR_FAMILY); iter = nft_rule_expr_iter_create(r); if (iter == NULL) diff --git a/iptables/nft-shared.c b/iptables/nft-shared.c index d59abd4..395a4cc 100644 --- a/iptables/nft-shared.c +++ b/iptables/nft-shared.c @@ -458,7 +458,7 @@ void nft_rule_to_iptables_command_state(struct nft_rule *r, { struct nft_rule_expr_iter *iter; struct nft_rule_expr *expr; - int family = nft_rule_attr_get_u8(r, NFT_RULE_ATTR_FAMILY); + int family = nft_rule_attr_get_u32(r, NFT_RULE_ATTR_FAMILY); iter = nft_rule_expr_iter_create(r); if (iter == NULL) diff --git a/iptables/nft.c b/iptables/nft.c index 8bb5c64..26942d8 100644 --- a/iptables/nft.c +++ b/iptables/nft.c @@ -1045,7 +1045,7 @@ nft_rule_print_save(const void *data, unsigned int format) { const char *chain = nft_rule_attr_get_str(r, NFT_RULE_ATTR_CHAIN); - int family = nft_rule_attr_get_u8(r, NFT_RULE_ATTR_FAMILY); + int family = nft_rule_attr_get_u32(r, NFT_RULE_ATTR_FAMILY); struct nft_family_ops *ops; /* print chain name */ diff --git a/iptables/xtables-events.c b/iptables/xtables-events.c index 535dd91..552ce56 100644 --- a/iptables/xtables-events.c +++ b/iptables/xtables-events.c @@ -75,7 +75,7 @@ static int rule_cb(const struct nlmsghdr *nlh, int type) goto err_free; } - family = nft_rule_attr_get_u8(r, NFT_RULE_ATTR_FAMILY); + family = nft_rule_attr_get_u32(r, NFT_RULE_ATTR_FAMILY); switch (family) { case AF_INET: case AF_INET6:
Since the family declaration has been modified in libnftnl, from commit 3cd9cd06625f8181c713489cec2c1ce6722a7e16 the assertion is failed for {ip,ip6,arp}tables-compat when printing rules. iptables-compat -L Chain INPUT (policy ACCEPT) target prot opt source destination libnftnl: attribute 0 assertion failed in rule.c:273 ip6tables-compat -L Chain INPUT (policy ACCEPT) target prot opt source destination libnftnl: attribute 0 assertion failed in rule.c:273 arptables-compat -L Chain INPUT (policy ACCEPT) target prot opt source destination libnftnl: attribute 0 assertion failed in rule.c:273 Signed-off-by: Giuseppe Longo <giuseppelng@gmail.com> --- iptables/nft-arp.c | 2 +- iptables/nft-shared.c | 2 +- iptables/nft.c | 2 +- iptables/xtables-events.c | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-)