summaryrefslogtreecommitdiffstats
path: root/iptables/nft-shared.c
diff options
context:
space:
mode:
Diffstat (limited to 'iptables/nft-shared.c')
-rw-r--r--iptables/nft-shared.c9
1 files changed, 4 insertions, 5 deletions
diff --git a/iptables/nft-shared.c b/iptables/nft-shared.c
index dd1dfca2..76984e81 100644
--- a/iptables/nft-shared.c
+++ b/iptables/nft-shared.c
@@ -49,7 +49,7 @@ void add_meta(struct nft_rule *r, uint32_t key)
nft_rule_add_expr(r, expr);
}
-void add_payload(struct nft_rule *r, int offset, int len)
+void add_payload(struct nft_rule *r, int offset, int len, uint32_t base)
{
struct nft_rule_expr *expr;
@@ -57,8 +57,7 @@ void add_payload(struct nft_rule *r, int offset, int len)
if (expr == NULL)
return;
- nft_rule_expr_set_u32(expr, NFT_EXPR_PAYLOAD_BASE,
- NFT_PAYLOAD_NETWORK_HEADER);
+ nft_rule_expr_set_u32(expr, NFT_EXPR_PAYLOAD_BASE, base);
nft_rule_expr_set_u32(expr, NFT_EXPR_PAYLOAD_DREG, NFT_REG_1);
nft_rule_expr_set_u32(expr, NFT_EXPR_PAYLOAD_OFFSET, offset);
nft_rule_expr_set_u32(expr, NFT_EXPR_PAYLOAD_LEN, len);
@@ -161,7 +160,7 @@ void add_outiface(struct nft_rule *r, char *iface, uint32_t op)
void add_addr(struct nft_rule *r, int offset,
void *data, void *mask, size_t len, uint32_t op)
{
- add_payload(r, offset, len);
+ add_payload(r, offset, len, NFT_PAYLOAD_NETWORK_HEADER);
add_bitwise(r, mask, len);
add_cmp_ptr(r, op, data, len);
@@ -170,7 +169,7 @@ void add_addr(struct nft_rule *r, int offset,
void add_proto(struct nft_rule *r, int offset, size_t len,
uint8_t proto, uint32_t op)
{
- add_payload(r, offset, len);
+ add_payload(r, offset, len, NFT_PAYLOAD_NETWORK_HEADER);
add_cmp_u8(r, proto, op);
}