git.ipfire.org Git - thirdparty/nftables.git/commit

author	Stefano Brivio <sbrivio@redhat.com>
	Thu, 30 Jan 2020 00:16:56 +0000 (01:16 +0100)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Fri, 7 Feb 2020 12:53:37 +0000 (13:53 +0100)
commit	6156ba34018dddd59cb6737cfd5a69a0cbc5eaa4
tree	5602a86a1ebef4e82c5d0b3517bb4273a26d6ac6	tree \| snapshot
parent	9b94127950f9848bc5a1505ae65ca3045ff68a16	commit \| diff

src: Add support for NFTNL_SET_DESC_CONCAT

To support arbitrary range concatenations, the kernel needs to know
how long each field in the concatenation is. The new libnftnl
NFTNL_SET_DESC_CONCAT set attribute describes this as an array of
lengths, in bytes, of concatenated fields.

While evaluating concatenated expressions, export the datatype size
into the new field_len array, and hand the data over via libnftnl.

Similarly, when data is passed back from libnftnl, parse it into
the set description.

When set data is cloned, we now need to copy the additional fields
in set_clone(), too.

This change depends on the libnftnl patch with title:
set: Add support for NFTA_SET_DESC_CONCAT attributes

v4: No changes
v3: Rework to use set description data instead of a stand-alone
attribute
v2: No changes

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

include/expression.h		diff \| blob \| blame \| history
include/rule.h		diff \| blob \| blame \| history
src/evaluate.c		diff \| blob \| blame \| history
src/mnl.c		diff \| blob \| blame \| history
src/netlink.c		diff \| blob \| blame \| history
src/rule.c		diff \| blob \| blame \| history