]> git.ipfire.org Git - thirdparty/nftables.git/commit
projects / thirdparty / nftables.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: dad3338) | patch
src: raw payload match and mangle on inner header / payload data
authorPablo Neira Ayuso <pablo@netfilter.org>
Tue, 2 Nov 2021 13:01:58 +0000 (14:01 +0100)
committerPablo Neira Ayuso <pablo@netfilter.org>
Mon, 8 Nov 2021 09:53:59 +0000 (10:53 +0100)
commitb67abc51ba6f78be79f344dfda9c6d0753d79aea
tree974a155489e69c0a9a5c9f3ee209ca5bec2d3c99tree | snapshot
parentdad3338f1f76a4a5bd782bae9c6b48941dfb1e31commit | diff
src: raw payload match and mangle on inner header / payload data

This patch adds support to match on inner header / payload data:

 # nft add rule x y @ih,32,32 0x14000000 counter

you can also mangle payload data:

 # nft add rule x y @ih,32,32 set 0x14000000 counter

This update triggers a checksum update at the layer 4 header via
csum_flags, mangling odd bytes is also aligned to 16-bits.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
include/proto.h diff | blob | blame | history
src/evaluate.c diff | blob | blame | history
src/netlink_linearize.c diff | blob | blame | history
src/parser_bison.y diff | blob | blame | history
src/proto.c diff | blob | blame | history
src/scanner.l diff | blob | blame | history
Mirror of git://git.netfilter.org/nftables