extern const struct datatype nfproto_type;
extern const struct datatype bitmask_type;
extern const struct datatype integer_type;
-extern const struct datatype xinteger_type;
extern const struct datatype string_type;
extern const struct datatype lladdr_type;
extern const struct datatype ipaddr_type;
extern const struct datatype reject_icmpv6_code_type;
extern const struct datatype reject_icmpx_code_type;
+/* TYPE_INTEGER aliases: */
+extern const struct datatype xinteger_type;
+extern const struct datatype mptcpopt_subtype;
+
void inet_service_type_print(const struct expr *expr, struct output_ctx *octx);
extern const struct datatype *concat_type_alloc(uint32_t type);
},
};
+static const struct symbol_table mptcp_subtype_tbl = {
+ .base = BASE_DECIMAL,
+ .symbols = {
+ SYMBOL("mp-capable", 0),
+ SYMBOL("mp-join", 1),
+ SYMBOL("dss", 2),
+ SYMBOL("add-addr", 3),
+ SYMBOL("remove-addr", 4),
+ SYMBOL("mp-prio", 5),
+ SYMBOL("mp-fail", 6),
+ SYMBOL("mp-fastclose", 7),
+ SYMBOL("mp-tcprst", 8),
+ SYMBOL_LIST_END
+ },
+};
+
+/* alias of integer_type to parse mptcp subtypes */
+const struct datatype mptcpopt_subtype = {
+ .type = TYPE_INTEGER,
+ .name = "integer",
+ .desc = "mptcp option subtype",
+ .size = 4,
+ .basetype = &integer_type,
+ .sym_tbl = &mptcp_subtype_tbl,
+};
static const struct exthdr_desc tcpopt_mptcp = {
.name = "mptcp",
.templates = {
[TCPOPT_MPTCP_KIND] = PHT("kind", 0, 8),
[TCPOPT_MPTCP_LENGTH] = PHT("length", 8, 8),
- [TCPOPT_MPTCP_SUBTYPE] = PHT("subtype", 16, 4),
+ [TCPOPT_MPTCP_SUBTYPE] = PROTO_HDR_TEMPLATE("subtype",
+ &mptcpopt_subtype,
+ BYTEORDER_BIG_ENDIAN,
+ 16, 4),
},
};
tcp option fastopen exists;ok
tcp option mptcp exists;ok
-tcp option mptcp subtype 0;ok
-tcp option mptcp subtype 1;ok
+tcp option mptcp subtype mp-capable;ok
+tcp option mptcp subtype 1;ok;tcp option mptcp subtype mp-join
tcp option mptcp subtype { 0, 2};ok
reset tcp option mptcp;ok
}
]
-# tcp option mptcp subtype 0
+# tcp option mptcp subtype mp-capable
[
{
"match": {
}
},
"op": "==",
- "right": 0
+ "right": "mp-capable"
}
}
]
}
},
"op": "==",
- "right": 1
+ "right": "mp-join"
}
}
]
[ exthdr load tcpopt 1b @ 30 + 0 present => reg 1 ]
[ cmp eq reg 1 0x00000001 ]
-# tcp option mptcp subtype 0
+# tcp option mptcp subtype mp-capable
inet
[ exthdr load tcpopt 1b @ 30 + 2 => reg 1 ]
[ bitwise reg 1 = ( reg 1 & 0x000000f0 ) ^ 0x00000000 ]
elements = { "eth0" . 10.1.1.2 . exists }
}
+ set s13 {
+ typeof tcp option mptcp subtype
+ elements = { mp-join, dss }
+ }
+
chain c1 {
osf name @s1 accept
}
chain c12 {
iifname . ip saddr . meta ipsec @s12 accept
}
+
+ chain c13 {
+ tcp option mptcp subtype @s13 accept
+ }
}
typeof meta iifname . ip saddr . meta ipsec
elements = { \"eth0\" . 10.1.1.2 . 1 }
}
+
+ set s13 {
+ typeof tcp option mptcp subtype
+ elements = { mp-join, dss }
+ }
$INPUT_OSF_CHAIN
chain c2 {
ether type vlan vlan id @s2 accept
chain c12 {
meta iifname . ip saddr . meta ipsec @s12 accept
}
+
+ chain c13 {
+ tcp option mptcp subtype @s13 accept
+ }
}"
EXPECTED="table inet t {$INPUT_OSF_SET
typeof iifname . ip saddr . meta ipsec
elements = { \"eth0\" . 10.1.1.2 . exists }
}
+
+ set s13 {
+ typeof tcp option mptcp subtype
+ elements = { mp-join, dss }
+ }
$INPUT_OSF_CHAIN
chain c2 {
vlan id @s2 accept
chain c12 {
iifname . ip saddr . meta ipsec @s12 accept
}
+
+ chain c13 {
+ tcp option mptcp subtype @s13 accept
+ }
}"
projects / thirdparty / nftables.git / commitdiff
