From 345fb0551048b4b3c9f3f0a136c952a4ae5bf262 Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Tue, 31 Jan 2023 23:32:50 +0100 Subject: [PATCH] extensions: libebt_redirect: Fix for wrong syntax in translation Meta key comes before 'set' in meta statement. Fixes: 24ce7465056ae ("ebtables-compat: add redirect match extension") Signed-off-by: Phil Sutter (cherry picked from commit 6d1263002c2a9fc6dfa59c764dee767a084d428d) --- extensions/libebt_redirect.c | 2 +- extensions/libebt_redirect.txlate | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/extensions/libebt_redirect.c b/extensions/libebt_redirect.c index 389f3ccb53f60..7821935e137aa 100644 --- a/extensions/libebt_redirect.c +++ b/extensions/libebt_redirect.c @@ -83,7 +83,7 @@ static int brredir_xlate(struct xt_xlate *xl, { const struct ebt_redirect_info *red = (const void*)params->target->data; - xt_xlate_add(xl, "meta set pkttype host"); + xt_xlate_add(xl, "meta pkttype set host"); if (red->target != EBT_CONTINUE) xt_xlate_add(xl, " %s ", brredir_verdict(red->target)); return 1; diff --git a/extensions/libebt_redirect.txlate b/extensions/libebt_redirect.txlate index f0dd5deaf6406..d073ec774c4fa 100644 --- a/extensions/libebt_redirect.txlate +++ b/extensions/libebt_redirect.txlate @@ -1,8 +1,8 @@ ebtables-translate -t nat -A PREROUTING -d de:ad:00:00:be:ef -j redirect -nft 'add rule bridge nat PREROUTING ether daddr de:ad:00:00:be:ef counter meta set pkttype host accept' +nft 'add rule bridge nat PREROUTING ether daddr de:ad:00:00:be:ef counter meta pkttype set host accept' ebtables-translate -t nat -A PREROUTING -d de:ad:00:00:be:ef -j redirect --redirect-target RETURN -nft 'add rule bridge nat PREROUTING ether daddr de:ad:00:00:be:ef counter meta set pkttype host return' +nft 'add rule bridge nat PREROUTING ether daddr de:ad:00:00:be:ef counter meta pkttype set host return' ebtables-translate -t nat -A PREROUTING -d de:ad:00:00:be:ef -j redirect --redirect-target CONTINUE -nft 'add rule bridge nat PREROUTING ether daddr de:ad:00:00:be:ef counter meta set pkttype host' +nft 'add rule bridge nat PREROUTING ether daddr de:ad:00:00:be:ef counter meta pkttype set host' -- 2.40.0