commit
0c17b910b3e19c4eacf5567f90b6545ed1fd8aac upstream.
Make sure they match the standard syntax input as much as possible.
For some reason inet/tcp.t.json was using plain arrays in place of
binary OR expressions in many cases. These arrays are interpreted as
list expressions, which seems to be semantically identical but the goal
here is to present an accurate equivalent to the rule in standard
syntax.
Signed-off-by: Phil Sutter <phil@nwl.cc>
}
},
"op": "==",
- "right": "17:00"
+ "right": "17:00:00"
}
},
{
"left": {
"tcp option": {
"field": "left",
- "name": "sack"
+ "name": "sack0"
}
},
"op": "==",
"left": {
"tcp option": {
"field": "right",
- "name": "sack"
+ "name": "sack0"
}
},
"op": "==",
"op": "==",
"right": {
"set": [
+ "syn",
{
"|": [
"syn",
"ack"
]
- },
- "syn"
+ }
]
}
}
"op": "==",
"right": {
"set": [
- { "|": [ "fin", "psh", "ack" ] },
"fin",
+ "ack",
{ "|": [ "psh", "ack" ] },
- "ack"
+ { "|": [ "fin", "psh", "ack" ] }
]
}
}
"protocol": "tcp"
}
},
- [
- "fin",
- "syn"
- ]
+ {
+ "|": [
+ "fin",
+ "syn"
+ ]
+ }
]
},
"op": "==",
- "right": [
- "fin",
- "syn"
- ]
+ "right": {
+ "|": [
+ "fin",
+ "syn"
+ ]
+ }
}
}
]
"protocol": "tcp"
}
},
- [
- "fin",
- "syn"
- ]
+ {
+ "|": [
+ "fin",
+ "syn"
+ ]
+ }
]
},
"op": "!=",
"protocol": "tcp"
}
},
- [
- "fin",
- "syn",
- "rst",
- "ack"
- ]
+ {
+ "|": [
+ "fin",
+ "syn",
+ "rst",
+ "ack"
+ ]
+ }
]
},
"op": "==",
"protocol": "tcp"
}
},
- [
- "fin",
- "syn",
- "rst",
- "ack"
- ]
+ {
+ "|": [
+ "fin",
+ "syn",
+ "rst",
+ "ack"
+ ]
+ }
]
},
"op": "==",
"protocol": "tcp"
}
},
- [
- "fin",
- "syn",
- "rst",
- "ack"
- ]
+ {
+ "|": [
+ "fin",
+ "syn",
+ "rst",
+ "ack"
+ ]
+ }
]
},
"op": "!=",
"protocol": "tcp"
}
},
- [
- "fin",
- "syn",
- "rst",
- "ack"
- ]
+ {
+ "|": [
+ "fin",
+ "syn",
+ "rst",
+ "ack"
+ ]
+ }
]
},
"op": "==",
- "right": [
- "syn",
- "ack"
- ]
+ "right": {
+ "|": [
+ "syn",
+ "ack"
+ ]
+ }
}
}
]
"protocol": "tcp"
}
},
- [
- "syn",
- "ack"
- ]
+ {
+ "|": [
+ "syn",
+ "ack"
+ ]
+ }
]
},
"op": "==",
- "right": [
- "syn",
- "ack"
- ]
+ "right": {
+ "|": [
+ "syn",
+ "ack"
+ ]
+ }
}
}
]
projects / thirdparty / nftables.git / commitdiff
