evaluate: convert expr_rt byteorder when evaluating statment arg

expr_rt might write data in host byte order, so make sure to
convert if needed.

This makes 'tcp option maxseg size rt mtu' actually work, right now such rules
are no-ops because nft_exthdr never increases the mss.

While at it, extend the example to not bother testing non-syn packets.

Reported-by: Matteo Croce <technoboy85@gmail.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>

3 files changed, 5 insertions, 2 deletions

diff --git a/doc/nft.xml b/doc/nft.xml
index 4e2730f6..cf933489 100644
--- a/doc/nft.xml
+++ b/doc/nft.xml
@@ -4274,9 +4274,9 @@ ip forward ip dscp set 42
 				<example>
 					<title>change tcp mss</title>
 					<programlisting>
-tcp option maxseg size set 1360
+tcp flags syn tcp option maxseg size set 1360
 # set a size based on route information:
-tcp option maxseg size set rt mtu
+tcp flags syn tcp option maxseg size set rt mtu
 					</programlisting>
 				</example>
 			</para>
diff --git a/src/evaluate.c b/src/evaluate.c
index f21ac1a0..9954d5c5 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -1799,6 +1799,8 @@ static int stmt_evaluate_arg(struct eval_ctx *ctx, struct stmt *stmt,
 		return stmt_binary_error(ctx, *expr, stmt,
 					 "you cannot reference a set here, "
 					 "unknown value to use");
+	case EXPR_RT:
+		return byteorder_conversion(ctx, expr, byteorder);
 	default:
 		break;
 	}
diff --git a/tests/py/inet/rt.t.payload b/tests/py/inet/rt.t.payload
index 2f6265ed..928e0095 100644
--- a/tests/py/inet/rt.t.payload
+++ b/tests/py/inet/rt.t.payload
@@ -15,5 +15,6 @@ inet test-inet output
 # tcp option maxseg size set rt mtu
 inet test-inet output
   [ rt load tcpmss => reg 1 ]
+  [ byteorder reg 1 = hton(reg 1, 2, 2) ]
   [ exthdr write tcpopt reg 1 => 2b @ 2 + 2 ]