From 9df1a36a98aaf167993501c32ff7a10a38913f50 Mon Sep 17 00:00:00 2001
From: Dmitry Vyukov <dvyukov@google.com>
Date: Sat, 10 Feb 2018 13:23:03 +0100
Subject: sys/linux: add bridge netfilter support

---
 sys/linux/init.go | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'sys/linux/init.go')

diff --git a/sys/linux/init.go b/sys/linux/init.go
index 7c35d08ac..8f8fbfcc3 100644
--- a/sys/linux/init.go
+++ b/sys/linux/init.go
@@ -52,6 +52,7 @@ func initTarget(target *prog.Target) {
 		"ipt_replace":        arch.generateIptables,
 		"ip6t_replace":       arch.generateIptables,
 		"arpt_replace":       arch.generateArptables,
+		"ebt_replace":        arch.generateEbtables,
 	}
 	target.StringDictionary = stringDictionary
 
@@ -220,6 +221,11 @@ func (arch *arch) sanitizeCall(c *prog.Call) {
 			code.Val = 1
 		}
 	}
+
+	switch c.Meta.Name {
+	case "setsockopt$EBT_SO_SET_ENTRIES":
+		arch.sanitizeEbtables(c)
+	}
 }
 
 func (arch *arch) generateTimespec(g *prog.Gen, typ0 prog.Type, old prog.Arg) (arg prog.Arg, calls []*prog.Call) {
-- 
cgit mrf-deployment