diff options
-rw-r--r-- | iptables/nft-shared.c | 8 | ||||
-rw-r--r-- | iptables/nft-shared.h | 4 |
2 files changed, 11 insertions, 1 deletions
diff --git a/iptables/nft-shared.c b/iptables/nft-shared.c index 80d4e1fc..a67302ee 100644 --- a/iptables/nft-shared.c +++ b/iptables/nft-shared.c @@ -445,8 +445,16 @@ static void nft_parse_meta(struct nft_xt_ctx *ctx, struct nftnl_expr *e) static void nft_parse_payload(struct nft_xt_ctx *ctx, struct nftnl_expr *e) { + if (ctx->flags & NFT_XT_CTX_PAYLOAD) { + memcpy(&ctx->prev_payload, &ctx->payload, + sizeof(ctx->prev_payload)); + ctx->flags |= NFT_XT_CTX_PREV_PAYLOAD; + } + ctx->reg = nftnl_expr_get_u32(e, NFTNL_EXPR_META_DREG); + ctx->payload.base = nftnl_expr_get_u32(e, NFTNL_EXPR_PAYLOAD_BASE); ctx->payload.offset = nftnl_expr_get_u32(e, NFTNL_EXPR_PAYLOAD_OFFSET); + ctx->payload.len = nftnl_expr_get_u32(e, NFTNL_EXPR_PAYLOAD_LEN); ctx->flags |= NFT_XT_CTX_PAYLOAD; } diff --git a/iptables/nft-shared.h b/iptables/nft-shared.h index e79323c8..4dc44b84 100644 --- a/iptables/nft-shared.h +++ b/iptables/nft-shared.h @@ -43,6 +43,7 @@ enum { NFT_XT_CTX_META = (1 << 1), NFT_XT_CTX_BITWISE = (1 << 2), NFT_XT_CTX_IMMEDIATE = (1 << 3), + NFT_XT_CTX_PREV_PAYLOAD = (1 << 4), }; struct nft_xt_ctx { @@ -53,9 +54,10 @@ struct nft_xt_ctx { uint32_t reg; struct { + uint32_t base; uint32_t offset; uint32_t len; - } payload; + } payload, prev_payload; struct { uint32_t key; } meta; |