| Message ID | 20210930140419.6170-16-phil@nwl.cc |
|---|---|
| State | Changes Requested |
| Delegated to: | Pablo Neira |
| Headers | show |
| Series | Eliminate dedicated arptables-nft parser | expand |
diff --git a/iptables/xtables.c b/iptables/xtables.c index b8c4e2737a96a..c77d76c89a543 100644 --- a/iptables/xtables.c +++ b/iptables/xtables.c @@ -589,6 +589,8 @@ void do_parse(struct nft_handle *h, int argc, char *argv[], if (invert) xtables_error(PARAMETER_PROBLEM, "unexpected ! flag before --table"); + if (h->family == NFPROTO_ARP) + break; if (p->restore && table_set) xtables_error(PARAMETER_PROBLEM, "The -t option (seen in line %u) cannot be used in %s.\n",
Legacy arptables allows arbitrary values passed after '-t' and just uses table 'filter' instead. Mimick this behaviour by just ignoring the parameter after invert flag checking (which legacy arptables indeed does). Signed-off-by: Phil Sutter <phil@nwl.cc> --- iptables/xtables.c | 2 ++ 1 file changed, 2 insertions(+)