xtables: arp: add rule replacement support
The following patch permit to replace rule in xtables-arp.
Signed-off-by: Giuseppe Longo <giuseppelng@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
diff --git a/iptables/xtables-arp.c b/iptables/xtables-arp.c
index 9187617..8dfdf63 100644
--- a/iptables/xtables-arp.c
+++ b/iptables/xtables-arp.c
@@ -734,7 +734,7 @@
{
unsigned int rulenum;
- if (string_to_number(rule, 1, INT_MAX, &rulenum) == -1)
+ if (!xtables_strtoui(rule, NULL, &rulenum, 1, INT_MAX))
xtables_error(PARAMETER_PROBLEM,
"Invalid rule number `%s'", rule);
@@ -896,6 +896,21 @@
return ret;
}
+static int
+replace_entry(const char *chain,
+ const char *table,
+ struct arpt_entry *fw,
+ unsigned int rulenum,
+ const struct in_addr *saddr,
+ const struct in_addr *daddr,
+ bool verbose, struct nft_handle *h)
+{
+ fw->arp.src.s_addr = saddr->s_addr;
+ fw->arp.tgt.s_addr = daddr->s_addr;
+
+ return nft_rule_replace(h, chain, table, fw, rulenum, verbose);
+}
+
int do_commandarp(struct nft_handle *h, int argc, char *argv[], char **table)
{
struct arpt_entry fw, *e = NULL;
@@ -1396,9 +1411,8 @@
/*ret = arptc_delete_num_entry(chain, rulenum - 1, handle);*/
break;
case CMD_REPLACE:
- /*ret = replace_entry(chain, e, rulenum - 1,
- saddrs, daddrs, options&OPT_VERBOSE,
- handle);*/
+ ret = replace_entry(chain, *table, e, rulenum - 1,
+ saddrs, daddrs, options&OPT_VERBOSE, h);
break;
case CMD_INSERT:
ret = append_entry(h, chain, *table, e, rulenum - 1,