expr: payload: print tunnel header

The debug printing of the payload expr shows the tunnel header name as
unknown. Since after the first version we added two new payload bases
inner and tunnel, I prefer to make this change to meet possible future
extensions rather than setting NFT_PAYLOAD_TUN_HEADER as the new bound.

Reproduce:

nft --debug netlink add rule inet t c meta l4proto udp vxlan vni 0x123456

Before patch:
  ...
  [ inner type 1 hdrsize 8 flags f [ payload load 3b @ unknown header + 4 => reg 1 ] ]
  ...

After patch:
  ...
  [ inner type 1 hdrsize 8 flags f [ payload load 3b @ tunnel header + 4 => reg 1 ] ]
  ...

[ Remove defensive check in original patch --pablo ]

Fixes: 3f3909afd76d ("expr: add inner support")
Signed-off-by: Zhongqiu Duan <dzq.aishenghu0@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/src/expr/payload.c b/src/expr/payload.c
index c3ac0c345aec6e237a61f623385f9fb726628563..593b8422c44e6c393032799fef5a8f1a8535a989 100644 (file)
--- a/src/expr/payload.c
+++ b/src/expr/payload.c
@@ -207,7 +207,7 @@ static const char *base2str_array[NFT_PAYLOAD_TUN_HEADER + 1] = {
 
 static const char *base2str(enum nft_payload_bases base)
 {
-       if (base > NFT_PAYLOAD_INNER_HEADER)
+       if (base >= array_size(base2str_array))
                return "unknown";
 
        return base2str_array[base];