diff mbox series

[iptables,v2,2/2] nft: Drop interface mask leftovers from post_parse callbacks

Message ID 20241119220325.30700-2-phil@nwl.cc
State Accepted
Headers show
Series [iptables,v2,1/2] nft: fix interface comparisons in `-C` commands | expand

Commit Message

Phil Sutter Nov. 19, 2024, 10:03 p.m. UTC
Fixed commit only adjusted the IPv4-specific callback for unclear
reasons.

Fixes: fe70364b36119 ("xshared: Do not populate interface masks per default")
Cc: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
Changes since v1:
- New patch
---
 iptables/nft-arp.c | 3 ---
 iptables/xshared.c | 5 -----
 iptables/xshared.h | 1 -
 3 files changed, 9 deletions(-)

Comments

Jeremy Sowden Nov. 19, 2024, 10:38 p.m. UTC | #1
On 2024-11-19, at 23:03:25 +0100, Phil Sutter wrote:
> Fixed commit only adjusted the IPv4-specific callback for unclear
> reasons.
> 
> Fixes: fe70364b36119 ("xshared: Do not populate interface masks per default")
> Cc: Jeremy Sowden <jeremy@azazel.net>
> Signed-off-by: Phil Sutter <phil@nwl.cc>

Reviewed-by: Jeremy Sowden <jeremy@azazel.net>

> ---
> Changes since v1:
> - New patch
> ---
>  iptables/nft-arp.c | 3 ---
>  iptables/xshared.c | 5 -----
>  iptables/xshared.h | 1 -
>  3 files changed, 9 deletions(-)
> 
> diff --git a/iptables/nft-arp.c b/iptables/nft-arp.c
> index c11d64c368638..fa2dd558b1f89 100644
> --- a/iptables/nft-arp.c
> +++ b/iptables/nft-arp.c
> @@ -459,10 +459,7 @@ static void nft_arp_post_parse(int command,
>  	cs->arp.arp.invflags = args->invflags;
>  
>  	memcpy(cs->arp.arp.iniface, args->iniface, IFNAMSIZ);
> -	memcpy(cs->arp.arp.iniface_mask, args->iniface_mask, IFNAMSIZ);
> -
>  	memcpy(cs->arp.arp.outiface, args->outiface, IFNAMSIZ);
> -	memcpy(cs->arp.arp.outiface_mask, args->outiface_mask, IFNAMSIZ);
>  
>  	cs->arp.counters.pcnt = args->pcnt_cnt;
>  	cs->arp.counters.bcnt = args->bcnt_cnt;
> diff --git a/iptables/xshared.c b/iptables/xshared.c
> index 2a5eef09c75de..2f663f9762016 100644
> --- a/iptables/xshared.c
> +++ b/iptables/xshared.c
> @@ -2104,12 +2104,7 @@ void ipv6_post_parse(int command, struct iptables_command_state *cs,
>  	cs->fw6.ipv6.invflags = args->invflags;
>  
>  	memcpy(cs->fw6.ipv6.iniface, args->iniface, IFNAMSIZ);
> -	memcpy(cs->fw6.ipv6.iniface_mask,
> -	       args->iniface_mask, IFNAMSIZ*sizeof(unsigned char));
> -
>  	memcpy(cs->fw6.ipv6.outiface, args->outiface, IFNAMSIZ);
> -	memcpy(cs->fw6.ipv6.outiface_mask,
> -	       args->outiface_mask, IFNAMSIZ*sizeof(unsigned char));
>  
>  	if (args->goto_set)
>  		cs->fw6.ipv6.flags |= IP6T_F_GOTO;
> diff --git a/iptables/xshared.h b/iptables/xshared.h
> index a111e79793b54..af756738e7c44 100644
> --- a/iptables/xshared.h
> +++ b/iptables/xshared.h
> @@ -262,7 +262,6 @@ struct xtables_args {
>  	uint8_t		flags;
>  	uint16_t	invflags;
>  	char		iniface[IFNAMSIZ], outiface[IFNAMSIZ];
> -	unsigned char	iniface_mask[IFNAMSIZ], outiface_mask[IFNAMSIZ];
>  	char		bri_iniface[IFNAMSIZ], bri_outiface[IFNAMSIZ];
>  	bool		goto_set;
>  	const char	*shostnetworkmask, *dhostnetworkmask;
> -- 
> 2.47.0
>
diff mbox series

Patch

diff --git a/iptables/nft-arp.c b/iptables/nft-arp.c
index c11d64c368638..fa2dd558b1f89 100644
--- a/iptables/nft-arp.c
+++ b/iptables/nft-arp.c
@@ -459,10 +459,7 @@  static void nft_arp_post_parse(int command,
 	cs->arp.arp.invflags = args->invflags;
 
 	memcpy(cs->arp.arp.iniface, args->iniface, IFNAMSIZ);
-	memcpy(cs->arp.arp.iniface_mask, args->iniface_mask, IFNAMSIZ);
-
 	memcpy(cs->arp.arp.outiface, args->outiface, IFNAMSIZ);
-	memcpy(cs->arp.arp.outiface_mask, args->outiface_mask, IFNAMSIZ);
 
 	cs->arp.counters.pcnt = args->pcnt_cnt;
 	cs->arp.counters.bcnt = args->bcnt_cnt;
diff --git a/iptables/xshared.c b/iptables/xshared.c
index 2a5eef09c75de..2f663f9762016 100644
--- a/iptables/xshared.c
+++ b/iptables/xshared.c
@@ -2104,12 +2104,7 @@  void ipv6_post_parse(int command, struct iptables_command_state *cs,
 	cs->fw6.ipv6.invflags = args->invflags;
 
 	memcpy(cs->fw6.ipv6.iniface, args->iniface, IFNAMSIZ);
-	memcpy(cs->fw6.ipv6.iniface_mask,
-	       args->iniface_mask, IFNAMSIZ*sizeof(unsigned char));
-
 	memcpy(cs->fw6.ipv6.outiface, args->outiface, IFNAMSIZ);
-	memcpy(cs->fw6.ipv6.outiface_mask,
-	       args->outiface_mask, IFNAMSIZ*sizeof(unsigned char));
 
 	if (args->goto_set)
 		cs->fw6.ipv6.flags |= IP6T_F_GOTO;
diff --git a/iptables/xshared.h b/iptables/xshared.h
index a111e79793b54..af756738e7c44 100644
--- a/iptables/xshared.h
+++ b/iptables/xshared.h
@@ -262,7 +262,6 @@  struct xtables_args {
 	uint8_t		flags;
 	uint16_t	invflags;
 	char		iniface[IFNAMSIZ], outiface[IFNAMSIZ];
-	unsigned char	iniface_mask[IFNAMSIZ], outiface_mask[IFNAMSIZ];
 	char		bri_iniface[IFNAMSIZ], bri_outiface[IFNAMSIZ];
 	bool		goto_set;
 	const char	*shostnetworkmask, *dhostnetworkmask;