summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorShivani Bhardwaj <shivanib134@gmail.com>2016-01-29 01:05:37 +0530
committerPablo Neira Ayuso <pablo@netfilter.org>2016-01-31 22:47:14 +0100
commit878b97fc251a09c12db489c32b87bf33aa5aa81b (patch)
treec3821368cd82a30a47b638efdcbec14f705d0197
parent6f137a2db3419e961e41eda28668cd99e8a3f2e2 (diff)
src: netlink_linearize: Fix bug for redirect target
Before this patch, $ sudo nft --debug=netlink add rule ip nat post ip protocol tcp redirect to 100-200 ip nat post [ payload load 1b @ network header + 9 => reg 1 ] [ cmp eq reg 1 0x00000006 ] [ immediate reg 1 0x00006400 ] [ immediate reg 2 0x0000c800 ] [ redir proto_min reg 1 proto_max reg 5 ] <cmdline>:1:1-56: Error: Could not process rule: Invalid argument add rule ip nat post ip protocol tcp redirect to 100-200 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ After this patch, $ sudo nft --debug=netlink add rule ip nat post ip protocol tcp redirect to 100-200 ip nat post [ payload load 1b @ network header + 9 => reg 1 ] [ cmp eq reg 1 0x00000006 ] [ immediate reg 1 0x00006400 ] [ immediate reg 2 0x0000c800 ] [ redir proto_min reg 1 proto_max reg 2 ] Signed-off-by: Shivani Bhardwaj <shivanib134@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-rw-r--r--src/netlink_linearize.c15
1 files changed, 9 insertions, 6 deletions
diff --git a/src/netlink_linearize.c b/src/netlink_linearize.c
index 63b3146c..86b49c64 100644
--- a/src/netlink_linearize.c
+++ b/src/netlink_linearize.c
@@ -919,14 +919,17 @@ static void netlink_gen_redir_stmt(struct netlink_linearize_ctx *ctx,
pmin_reg);
netlink_gen_expr(ctx, stmt->redir.proto->right,
pmax_reg);
- nftnl_expr_set_u32(nle, NFTNL_EXPR_REDIR_REG_PROTO_MIN,
- pmin_reg);
- nftnl_expr_set_u32(nle, NFTNL_EXPR_REDIR_REG_PROTO_MAX,
- pmax_reg);
+ netlink_put_register(nle,
+ NFTNL_EXPR_REDIR_REG_PROTO_MIN,
+ pmin_reg);
+ netlink_put_register(nle,
+ NFTNL_EXPR_REDIR_REG_PROTO_MAX,
+ pmax_reg);
} else {
netlink_gen_expr(ctx, stmt->redir.proto, pmin_reg);
- nftnl_expr_set_u32(nle, NFTNL_EXPR_REDIR_REG_PROTO_MIN,
- pmin_reg);
+ netlink_put_register(nle,
+ NFTNL_EXPR_REDIR_REG_PROTO_MIN,
+ pmin_reg);
}
}