diff options
author | Florian Westphal <fw@strlen.de> | 2013-09-20 16:01:33 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2013-09-23 20:27:04 +0200 |
commit | e391b72b611403d184bbb26e3d076d543c7ea7c6 (patch) | |
tree | fac59463aa6be50714b49c29ea4e9a6dff7701ac /src/ct.c | |
parent | 968dff13e3bf0c7c4c55aeec6e62d184d9807410 (diff) |
meta: iif/oifname should be host byte order
src/nft add rule filter output meta oifname eth0
doesn't work on x86. Problem is that nft declares these as
BYTEORDER_INVALID, but when converting the string mpz_import_data
treats INVALID like BIG_ENDIAN.
[ cmp eq reg 1 0x00000000 0x00000000 0x65000000 0x00306874 ]
as kernel nft_cmp_eval basically boils down to
memcmp(reg, skb->dev->name, sizeof(reg) comparision fails.
with patch:
[ cmp eq reg 1 0x30687465 0x00000000 0x00000000 0x00000000 ]
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/ct.c')
-rw-r--r-- | src/ct.c | 2 |
1 files changed, 1 insertions, 1 deletions
@@ -110,7 +110,7 @@ static const struct ct_template ct_templates[] = { BYTEORDER_HOST_ENDIAN, 4 * BITS_PER_BYTE), [NFT_CT_HELPER] = CT_TEMPLATE("helper", &string_type, - BYTEORDER_INVALID, 0), + BYTEORDER_HOST_ENDIAN, 0), [NFT_CT_L3PROTOCOL] = CT_TEMPLATE("l3proto", &invalid_type, BYTEORDER_INVALID, BITS_PER_BYTE), |