diff --git a/src/network/networkd-address.c b/src/network/networkd-address.c index 92237c4e0f..c38443763a 100644 --- a/src/network/networkd-address.c +++ b/src/network/networkd-address.c @@ -266,7 +266,7 @@ static int address_set_masquerade(Address *address, bool add) { if (r < 0) return r; - r = fw_add_masquerade(add, AF_INET, 0, &masked, address->prefixlen, NULL, NULL, 0); + r = fw_add_masquerade(add, AF_INET, &masked, address->prefixlen); if (r < 0) return r; diff --git a/src/shared/firewall-util.c b/src/shared/firewall-util.c index bcef7602ce..974803903d 100644 --- a/src/shared/firewall-util.c +++ b/src/shared/firewall-util.c @@ -81,12 +81,8 @@ static int entry_fill_basics( int fw_add_masquerade( bool add, int af, - int protocol, const union in_addr_union *source, - unsigned source_prefixlen, - const char *out_interface, - const union in_addr_union *destination, - unsigned destination_prefixlen) { + unsigned source_prefixlen) { static const xt_chainlabel chain = "POSTROUTING"; _cleanup_(iptc_freep) struct xtc_handle *h = NULL; @@ -94,14 +90,14 @@ int fw_add_masquerade( struct ipt_entry_target *t; size_t sz; struct nf_nat_ipv4_multi_range_compat *mr; - int r; + int r, protocol = 0; + const char *out_interface = NULL; + const union in_addr_union *destination = NULL; + unsigned destination_prefixlen = 0; if (af != AF_INET) return -EOPNOTSUPP; - if (!IN_SET(protocol, 0, IPPROTO_TCP, IPPROTO_UDP)) - return -EOPNOTSUPP; - h = iptc_init("nat"); if (!h) return -errno; diff --git a/src/shared/firewall-util.h b/src/shared/firewall-util.h index 01a3c8a846..f7191ba006 100644 --- a/src/shared/firewall-util.h +++ b/src/shared/firewall-util.h @@ -11,12 +11,8 @@ int fw_add_masquerade( bool add, int af, - int protocol, const union in_addr_union *source, - unsigned source_prefixlen, - const char *out_interface, - const union in_addr_union *destination, - unsigned destination_prefixlen); + unsigned source_prefixlen); int fw_add_local_dnat( bool add, @@ -32,12 +28,8 @@ int fw_add_local_dnat( static inline int fw_add_masquerade( bool add, int af, - int protocol, const union in_addr_union *source, - unsigned source_prefixlen, - const char *out_interface, - const union in_addr_union *destination, - unsigned destination_prefixlen) { + unsigned source_prefixlen) { return -EOPNOTSUPP; } diff --git a/src/test/test-firewall-util.c b/src/test/test-firewall-util.c index 479669fe45..25c5a6cbf5 100644 --- a/src/test/test-firewall-util.c +++ b/src/test/test-firewall-util.c @@ -10,15 +10,15 @@ int main(int argc, char *argv[]) { int r; test_setup_logging(LOG_DEBUG); - r = fw_add_masquerade(true, AF_INET, 0, NULL, 0, "foobar", NULL, 0); + r = fw_add_masquerade(true, AF_INET, NULL, 0); if (r < 0) log_error_errno(r, "Failed to modify firewall: %m"); - r = fw_add_masquerade(true, AF_INET, 0, NULL, 0, "foobar", NULL, 0); + r = fw_add_masquerade(true, AF_INET, NULL, 0); if (r < 0) log_error_errno(r, "Failed to modify firewall: %m"); - r = fw_add_masquerade(false, AF_INET, 0, NULL, 0, "foobar", NULL, 0); + r = fw_add_masquerade(false, AF_INET, NULL, 0); if (r < 0) log_error_errno(r, "Failed to modify firewall: %m");