diff options
author | Jorge Ortiz <jorge.ortiz.escribano@gmail.com> | 2023-08-28 21:09:10 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2023-09-01 11:01:14 +0200 |
commit | 5bedf4a11e2118841598623ad4bedb6cbb23994f (patch) | |
tree | 3487d610dc982bbaf094cdd1dd33239e0882c3e1 /src/expression.c | |
parent | ea7ed1ae1389a352f8711a20861d391c9a8a3d3a (diff) |
evaluate: place byteorder conversion after numgen for IP address datatypes
The numgen extension generates numbers in little-endian.
This can be very tricky when trying to combine it with IP addresses, which use big endian.
This change adds a new byteorder operation to convert data type endianness.
Before this patch:
$ sudo nft -d netlink add rule nat snat_chain snat to numgen inc mod 7 offset 0x0a000001
ip nat snat_chain
[ numgen reg 1 = inc mod 7 offset 167772161 ]
[ nat snat ip addr_min reg 1 ]
After this patch:
$ sudo nft -d netlink add rule nat snat_chain snat to numgen inc mod 7 offset 0x0a000001
ip nat snat_chain
[ numgen reg 1 = inc mod 7 offset 167772161 ]
[ byteorder reg 1 = hton(reg 1, 4, 4) ]
[ nat snat ip addr_min reg 1 ]
Regression tests have been modified to include these new cases.
Signed-off-by: Jorge Ortiz Escribano <jorge.ortiz.escribano@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/expression.c')
0 files changed, 0 insertions, 0 deletions