diff options
author | Florian Westphal <fw@strlen.de> | 2020-12-08 15:49:42 +0100 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2020-12-09 18:33:53 +0100 |
commit | 98b871512c4677848a12e8204fe35eb870660304 (patch) | |
tree | 797ec078c8875b6e33fda15a94c9dfa86f73df22 /src/evaluate.c | |
parent | e63f067f597d1129b3fff91d2404701de90226d1 (diff) |
src: add auto-dependencies for ipv4 icmp
The ICMP header has field values that are only exist
for certain types.
Mark the icmp proto 'type' field as a nextheader field
and add a new th description to store the icmp type
dependency. This can later be re-used for other protocol
dependend definitions such as mptcp options -- which are all share the
same tcp option number and have a special 4 bit marker inside the
mptcp option space that tells how the remaining option looks like.
Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'src/evaluate.c')
-rw-r--r-- | src/evaluate.c | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/src/evaluate.c b/src/evaluate.c index 76b25b40..3eb8e1bf 100644 --- a/src/evaluate.c +++ b/src/evaluate.c @@ -706,7 +706,8 @@ static int __expr_evaluate_payload(struct eval_ctx *ctx, struct expr *expr) return -1; rule_stmt_insert_at(ctx->rule, nstmt, ctx->stmt); - return 0; + desc = ctx->pctx.protocol[base].desc; + goto check_icmp; } if (payload->payload.base == desc->base && @@ -724,7 +725,24 @@ static int __expr_evaluate_payload(struct eval_ctx *ctx, struct expr *expr) * if needed. */ if (desc == payload->payload.desc) { + const struct proto_hdr_template *tmpl; + payload->payload.offset += ctx->pctx.protocol[base].offset; +check_icmp: + if (desc != &proto_icmp) + return 0; + + tmpl = expr->payload.tmpl; + + if (!tmpl || !tmpl->icmp_dep) + return 0; + + if (payload_gen_icmp_dependency(ctx, expr, &nstmt) < 0) + return -1; + + if (nstmt) + rule_stmt_insert_at(ctx->rule, nstmt, ctx->stmt); + return 0; } /* If we already have context and this payload is on the same |