git.ipfire.org Git - thirdparty/nftables.git/commit

author	Phil Sutter <phil@nwl.cc>
	Sat, 11 Mar 2017 13:31:39 +0000 (14:31 +0100)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Mon, 13 Mar 2017 11:13:43 +0000 (12:13 +0100)
commit	f686a17eafa0bb5e9b0665c646fac09c9f95c0a5
tree	a120b7e5ecc815f9daef482f1e9159021f8d00fb	tree
parent	c6cd7c22548a545ea9a831a1ea725d1716295b4a	commit \| diff

fib: Support existence check

This allows to check whether a FIB entry exists for a given packet by
comparing the expression with a boolean keyword like so:

| fib daddr oif exists

The implementation requires introduction of a generic expression flag
EXPR_F_BOOLEAN which allows relational expression to signal it's LHS
that a boolean comparison is being done (indicated by boolean type on
RHS). In contrast to exthdr existence checks, fib expression can't know
this in beforehand because the LHS syntax is absolutely identical to a
non-boolean comparison.

Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

include/expression.h		diff \| blob \| blame \| history
include/linux/netfilter/nf_tables.h		diff \| blob \| blame \| history
src/evaluate.c		diff \| blob \| blame \| history
src/expression.c		diff \| blob \| blame \| history
src/fib.c		diff \| blob \| blame \| history
tests/py/inet/fib.t		diff \| blob \| blame \| history
tests/py/inet/fib.t.payload		diff \| blob \| blame \| history