src: netlink_linearize: Fix bug for redirect target

Before this patch,
$ sudo nft --debug=netlink add rule ip nat post ip protocol tcp redirect to 100-200
ip nat post
  [ payload load 1b @ network header + 9 => reg 1 ]
  [ cmp eq reg 1 0x00000006 ]
  [ immediate reg 1 0x00006400 ]
  [ immediate reg 2 0x0000c800 ]
  [ redir proto_min reg 1 proto_max reg 5 ]

<cmdline>:1:1-56: Error: Could not process rule: Invalid argument
add rule ip nat post ip protocol tcp redirect to 100-200
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

After this patch,
$ sudo nft --debug=netlink add rule ip nat post ip protocol tcp redirect to 100-200
ip nat post
  [ payload load 1b @ network header + 9 => reg 1 ]
  [ cmp eq reg 1 0x00000006 ]
  [ immediate reg 1 0x00006400 ]
  [ immediate reg 2 0x0000c800 ]
  [ redir proto_min reg 1 proto_max reg 2 ]

Signed-off-by: Shivani Bhardwaj <shivanib134@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/src/netlink_linearize.c b/src/netlink_linearize.c
index 63b3146cdd0acd9f8489c7c9c77cc21003a52de8..86b49c641784030d285eba29475e3d3ccc1fe9a9 100644 (file)
--- a/src/netlink_linearize.c
+++ b/src/netlink_linearize.c
@@ -919,14 +919,17 @@ static void netlink_gen_redir_stmt(struct netlink_linearize_ctx *ctx,
                                         pmin_reg);
                        netlink_gen_expr(ctx, stmt->redir.proto->right,
                                         pmax_reg);
-                       nftnl_expr_set_u32(nle, NFTNL_EXPR_REDIR_REG_PROTO_MIN,
-                                          pmin_reg);
-                       nftnl_expr_set_u32(nle, NFTNL_EXPR_REDIR_REG_PROTO_MAX,
-                                          pmax_reg);
+                       netlink_put_register(nle,
+                                            NFTNL_EXPR_REDIR_REG_PROTO_MIN,
+                                            pmin_reg);
+                       netlink_put_register(nle,
+                                            NFTNL_EXPR_REDIR_REG_PROTO_MAX,
+                                            pmax_reg);
                } else {
                        netlink_gen_expr(ctx, stmt->redir.proto, pmin_reg);
-                       nftnl_expr_set_u32(nle, NFTNL_EXPR_REDIR_REG_PROTO_MIN,
-                                          pmin_reg);
+                       netlink_put_register(nle,
+                                            NFTNL_EXPR_REDIR_REG_PROTO_MIN,
+                                            pmin_reg);
                }
        }