]> git.ipfire.org Git - thirdparty/nftables.git/commitdiff
projects / thirdparty / nftables.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4ac2cd1)
evaluate: convert the byte-order of payload statement arguments.
authorJeremy Sowden <jeremy@azazel.net>
Tue, 3 Mar 2020 09:48:30 +0000 (09:48 +0000)
committerFlorian Westphal <fw@strlen.de>
Wed, 4 Mar 2020 22:36:41 +0000 (23:36 +0100)
Since shift operations require host byte-order, we need to be able to
convert the result of the shift back to network byte-order, in a rule
like:

  nft add rule ip t c tcp dport set tcp dport lshift 1

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Florian Westphal <fw@strlen.de>
src/evaluate.c patch | blob | blame | history

diff --git a/src/evaluate.c b/src/evaluate.c
index a169e41bd83325e4c19bcb3b9b7a7cecc5faa482..9b1a04f26f44d212ec03c0a51e6360483d0cf7af 100644 (file)
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -2225,6 +2225,11 @@ static int stmt_evaluate_payload(struct eval_ctx *ctx, struct stmt *stmt)
                              payload->byteorder, &stmt->payload.val) < 0)
                return -1;
 
+       if (!expr_is_constant(stmt->payload.val) &&
+           byteorder_conversion(ctx, &stmt->payload.val,
+                                payload->byteorder) < 0)
+               return -1;
+
        need_csum = stmt_evaluate_payload_need_csum(payload);
 
        if (!payload_needs_adjustment(payload)) {
Mirror of git://git.netfilter.org/nftables