static void
ip4prefix2mask(int prefix, struct in_addr *mask)
{
- mask->s_addr = htonl(~((1 << (32 - prefix)) - 1));
+ if (prefix > 0)
+ mask->s_addr = htonl(~((1 << (32 - prefix)) - 1));
+ else
+ mask->s_addr = 0;
}
#ifndef DISABLE_IPV6
void
fw3_ipt_rule_mac(struct fw3_ipt_rule *r, struct fw3_mac *mac)
{
+ char buf[sizeof("ff:ff:ff:ff:ff:ff\0")];
+ uint8_t *addr = mac->mac.ether_addr_octet;
+
if (!mac)
return;
+ sprintf(buf, "%02x:%02x:%02x:%02x:%02x:%02x",
+ addr[0], addr[1], addr[2], addr[3], addr[4], addr[5]);
+
fw3_ipt_rule_addarg(r, false, "-m", "mac");
- fw3_ipt_rule_addarg(r, mac->invert, "--mac-source", ether_ntoa(&mac->mac));
+ fw3_ipt_rule_addarg(r, mac->invert, "--mac-source", buf);
}
void