@@ -64,22 +64,6 @@ static int parse_rule_number(const char *rule)
return rule_nr;
}
-static int get_current_chain(const char *chain)
-{
- if (strcmp(chain, "PREROUTING") == 0)
- return NF_BR_PRE_ROUTING;
- else if (strcmp(chain, "INPUT") == 0)
- return NF_BR_LOCAL_IN;
- else if (strcmp(chain, "FORWARD") == 0)
- return NF_BR_FORWARD;
- else if (strcmp(chain, "OUTPUT") == 0)
- return NF_BR_LOCAL_OUT;
- else if (strcmp(chain, "POSTROUTING") == 0)
- return NF_BR_POST_ROUTING;
-
- return -1;
-}
-
/*
* The original ebtables parser
*/
@@ -240,7 +224,7 @@ static int do_commandeb_xlate(struct nft_handle *h, int argc, char *argv[], char
"Multiple commands are not allowed");
command = c;
chain = optarg;
- selected_chain = get_current_chain(chain);
+ selected_chain = ebt_get_current_chain(chain);
p.chain = chain;
flags |= OPT_COMMAND;
Drop the local reimplementation. It was barely different enough to be buggy: | % ebtables-nft -A foo -o eth0 -j ACCEPT | % xtables-nft-multi ebtables-translate -A foo -o eth0 -j ACCEPT | ebtables-translate v1.8.5 (nf_tables): Use -o only in OUTPUT, FORWARD and POSTROUTING chains | Try `ebtables-translate -h' or 'ebtables-translate --help' for more information. With this change, output is as expected: | % xtables-nft-multi ebtables-translate -A foo -o eth0 -j ACCEPT | nft add rule bridge filter foo oifname "eth0" counter accept This is roughly the same issue fixed in commit e1ccd979e6849 ("ebtables: fix over-eager -o checks on custom chains"). Signed-off-by: Phil Sutter <phil@nwl.cc> --- iptables/xtables-eb-translate.c | 18 +----------------- 1 file changed, 1 insertion(+), 17 deletions(-)