Re: (FORWARD) Boian Bonev: iptables-restore bug

Andras Kis-Szabo Wed, 10 Apr 2002 08:20:02 -0700

Hi,

> ---------cut
> -A INPUT -s 1.2.3.4 -m mac --mac !01:02:03:04:05:06 -j DROP 
> COMMIT
> # Completed on Wed Apr 10 03:51:31 2002
> root@firewall:~# iptables-restore < asd 
> iptables-restore v1.2.6a: Bad mac address `!01:02:03:04:05:06'
> Try `iptables-restore -h' or 'iptables-restore --help' for more information.
> ---------cut


Patch attached (ipv4 and ipv6, too)

Regards,

        kisza
 
-- 
    Andras Kis-Szabo       Security Development, Design and Audit
-------------------------/       Zorp, NetFilter and IPv6
 [EMAIL PROTECTED] /---------------------------------------------->

diff -urN netfilter-old/userspace/extensions/libip6t_mac.c netfilter/userspace/extensions/libip6t_mac.c
--- netfilter-old/userspace/extensions/libip6t_mac.c	Wed Apr 10 17:34:38 2002
+++ netfilter/userspace/extensions/libip6t_mac.c	Wed Apr 10 17:35:56 2002
@@ -90,7 +90,7 @@
 {
 	unsigned int i;
 
-	printf("%s%02X", invert ? "!" : "", macaddress[0]);
+	printf("%s %02X", invert ? "!" : "", macaddress[0]);
 	for (i = 1; i < ETH_ALEN; i++)
 		printf(":%02X", macaddress[i]);
 	printf(" ");
diff -urN netfilter-old/userspace/extensions/libipt_mac.c netfilter/userspace/extensions/libipt_mac.c
--- netfilter-old/userspace/extensions/libipt_mac.c	Wed Apr 10 17:34:39 2002
+++ netfilter/userspace/extensions/libipt_mac.c	Wed Apr 10 17:35:24 2002
@@ -90,7 +90,7 @@
 {
 	unsigned int i;
 
-	printf("%s%02X", invert ? "!" : "", macaddress[0]);
+	printf("%s %02X", invert ? "!" : "", macaddress[0]);
 	for (i = 1; i < ETH_ALEN; i++)
 		printf(":%02X", macaddress[i]);
 	printf(" ");

Re: (FORWARD) Boian Bonev: iptables-restore bug

Reply via email to