| Message ID | 20231108033130.18747-1-phil@nwl.cc |
|---|---|
| State | Accepted |
| Headers | show |
| Series | [iptables,1/3] arptables: Fix formatting of numeric --h-type output | expand |
Phil Sutter <phil@nwl.cc> wrote: > Arptables expects numeric arguments to --h-type option in hexadecimal > form, even if no '0x'-prefix is present. In contrast, it prints such > values in decimal. This is not just inconsistent, but makes it > impossible to save and later restore a ruleset without fixing up the > values in between. > > Assuming that the parser side can't be changed for compatibility > reasons, fix the output side instead. > > This is a day 1 bug and present in legacy arptables as well, so treat > this as a "feature" of arptables-nft and omit a Fixes: tag. Acked-by: Florian Westphal <fw@strlen.de>
On Wed, Nov 08, 2023 at 04:31:28AM +0100, Phil Sutter wrote: > Arptables expects numeric arguments to --h-type option in hexadecimal > form, even if no '0x'-prefix is present. In contrast, it prints such > values in decimal. This is not just inconsistent, but makes it > impossible to save and later restore a ruleset without fixing up the > values in between. > > Assuming that the parser side can't be changed for compatibility > reasons, fix the output side instead. > > This is a day 1 bug and present in legacy arptables as well, so treat > this as a "feature" of arptables-nft and omit a Fixes: tag. > > Signed-off-by: Phil Sutter <phil@nwl.cc> Series applied.
diff --git a/extensions/libarpt_standard.t b/extensions/libarpt_standard.t index 007fa2b8335e8..a2b0a36a4a6bf 100644 --- a/extensions/libarpt_standard.t +++ b/extensions/libarpt_standard.t @@ -13,4 +13,6 @@ --source-mac Unicast;--src-mac 00:00:00:00:00:00/01:00:00:00:00:00;OK ! --src-mac Multicast;! --src-mac 01:00:00:00:00:00/01:00:00:00:00:00;OK --src-mac=01:02:03:04:05:06 --dst-mac=07:08:09:0A:0B:0C --h-length=6 --opcode=Request --h-type=Ethernet --proto-type=ipv4;--src-mac 01:02:03:04:05:06 --dst-mac 07:08:09:0a:0b:0c --opcode 1 --proto-type 0x800;OK ---src-mac ! 01:02:03:04:05:06 --dst-mac ! 07:08:09:0A:0B:0C --h-length ! 6 --opcode ! Request --h-type ! Ethernet --proto-type ! ipv4;! --src-mac 01:02:03:04:05:06 ! --dst-mac 07:08:09:0a:0b:0c ! --h-length 6 ! --opcode 1 ! --h-type 1 ! --proto-type 0x800;OK +--src-mac ! 01:02:03:04:05:06 --dst-mac ! 07:08:09:0A:0B:0C --h-length ! 6 --opcode ! Request --h-type ! Ethernet --proto-type ! ipv4;! --src-mac 01:02:03:04:05:06 ! --dst-mac 07:08:09:0a:0b:0c ! --h-length 6 ! --opcode 1 ! --h-type 0x1 ! --proto-type 0x800;OK +--h-type 10;--h-type 0x10;OK +--h-type 0x10;=;OK diff --git a/iptables/nft-arp.c b/iptables/nft-arp.c index 8521cc4f15c1d..83aec5003004e 100644 --- a/iptables/nft-arp.c +++ b/iptables/nft-arp.c @@ -323,9 +323,9 @@ static void nft_arp_print_rule_details(const struct iptables_command_state *cs, if (tmp == 1 && !(format & FMT_NUMERIC)) printf("--h-type %s", "Ethernet"); else - printf("--h-type %u", tmp); + printf("--h-type 0x%x", tmp); if (fw->arp.arhrd_mask != 65535) - printf("/%d", ntohs(fw->arp.arhrd_mask)); + printf("/0x%x", ntohs(fw->arp.arhrd_mask)); sep = " "; }
Arptables expects numeric arguments to --h-type option in hexadecimal form, even if no '0x'-prefix is present. In contrast, it prints such values in decimal. This is not just inconsistent, but makes it impossible to save and later restore a ruleset without fixing up the values in between. Assuming that the parser side can't be changed for compatibility reasons, fix the output side instead. This is a day 1 bug and present in legacy arptables as well, so treat this as a "feature" of arptables-nft and omit a Fixes: tag. Signed-off-by: Phil Sutter <phil@nwl.cc> --- extensions/libarpt_standard.t | 4 +++- iptables/nft-arp.c | 4 ++-- 2 files changed, 5 insertions(+), 3 deletions(-)