src: generate set members using integer_type in the appropriate byteorder

Rules with header fields that rely on the generic integer datatype from sets are not matching, eg. nft add rule filter input udp length { 9 } counter This set member is an integer represented in host byte order, which obviously doesn't match the header field (in network byte order). Since the integer datatype has no specific byteorder, we have to rely on the expression byteorder instead when configuring the context, before we evaluate the list of set members. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2014-12-08 20:26:30 +0100
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2014-12-09 19:12:20 +0100
commit: 0451b82aaaf0b0bf67e7dcf38ffa4f7cef5e3066 (patch)
tree: 949ecaabd5ec69ef9bb465e08ba734cf28d46947 /src/evaluate.c
parent: 82e0a693110be85b6ebc023b4dbf5e798ac60bdc (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/src/evaluate.c b/src/evaluate.c
index 00e55b7d..07326607 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -238,6 +238,7 @@ static int expr_evaluate_value(struct eval_ctx *ctx, struct expr **expr)
 			mpz_clear(mask);
 			return -1;
 		}
+		(*expr)->byteorder = ctx->ectx.byteorder;
 		(*expr)->len = ctx->ectx.len;
 		mpz_clear(mask);
 		break;
@@ -261,7 +262,8 @@ static int expr_evaluate_value(struct eval_ctx *ctx, struct expr **expr)
  */
 static int expr_evaluate_primary(struct eval_ctx *ctx, struct expr **expr)
 {
-	expr_set_context(&ctx->ectx, (*expr)->dtype, (*expr)->len);
+	__expr_set_context(&ctx->ectx, (*expr)->dtype, (*expr)->byteorder,
+			   (*expr)->len);
 	return 0;
 }
author	Pablo Neira Ayuso <pablo@netfilter.org>	2014-12-08 20:26:30 +0100
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2014-12-09 19:12:20 +0100
commit	0451b82aaaf0b0bf67e7dcf38ffa4f7cef5e3066 (patch)
tree	949ecaabd5ec69ef9bb465e08ba734cf28d46947 /src/evaluate.c
parent	82e0a693110be85b6ebc023b4dbf5e798ac60bdc (diff)