Diffstat (limited to 'include')
-rw-r--r--include/expression.h8
-rw-r--r--include/exthdr.h6
-rw-r--r--include/meta.h2
-rw-r--r--include/payload.h280
-rw-r--r--include/proto.h287
-rw-r--r--include/rule.h2
6 files changed, 305 insertions, 280 deletions
diff --git a/include/expression.h b/include/expression.h
index d8f28682..2b7b3795 100644
--- a/include/expression.h
+++ b/include/expression.h
@@ -225,15 +225,15 @@ struct expr {
struct {
/* EXPR_PAYLOAD */
- const struct payload_desc *desc;
- const struct payload_template *tmpl;
- enum payload_bases base;
+ const struct proto_desc *desc;
+ const struct proto_hdr_template *tmpl;
+ enum proto_bases base;
unsigned int offset;
} payload;
struct {
/* EXPR_EXTHDR */
const struct exthdr_desc *desc;
- const struct payload_template *tmpl;
+ const struct proto_hdr_template *tmpl;
} exthdr;
struct {
/* EXPR_META */
diff --git a/include/exthdr.h b/include/exthdr.h
index 62e69bd2..87c42857 100644
--- a/include/exthdr.h
+++ b/include/exthdr.h
@@ -1,17 +1,19 @@
#ifndef NFTABLES_EXTHDR_H
#define NFTABLES_EXTHDR_H
+#include <proto.h>
+
/**
* struct exthdr_desc - extension header description
*
* @name: extension header name
* @type: extension header protocol value
- * @templates: header templates
+ * @templates: header field templates
*/
struct exthdr_desc {
const char *name;
uint8_t type;
- struct payload_template templates[10];
+ struct proto_hdr_template templates[10];
};
extern struct expr *exthdr_expr_alloc(const struct location *loc,
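Review bot: The retyped field `struct proto_hdr_template templates[10];` keeps a bare `10` as the array bound, while the new proto.h gives the equivalent arrays named sizes (`PROTO_HDRS_MAX`, `PROTO_UPPER_MAX`); any loop over an extension header's templates must agree with this literal, and a mismatch is an out-of-bounds read rather than a compile error. Consider a named constant next to the struct, e.g. `#define EXTHDR_TEMPLATES_MAX 10` (constructed name) and `struct proto_hdr_template templates[EXTHDR_TEMPLATES_MAX];`, so the bound can be reused by the code that walks the array. The hunk does not show how the array end is detected, so the comment on `@templates` could also say whether the list is terminated by an empty entry or sized by the constant.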
diff --git a/include/meta.h b/include/meta.h
index 459221fb..23f78cf1 100644
--- a/include/meta.h
+++ b/include/meta.h
@@ -25,5 +25,7 @@ struct meta_template {
extern struct expr *meta_expr_alloc(const struct location *loc,
enum nft_meta_keys key);
+extern void meta_expr_pctx_update(struct proto_ctx *ctx,
+ const struct expr *expr);
#endif /* NFTABLES_META_H */
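Review bot: The new prototype `meta_expr_pctx_update(struct proto_ctx *ctx, ...)` names `struct proto_ctx`, but nothing in this hunk brings that tag into scope; unless an earlier part of meta.h includes `proto.h` or forward-declares it, the tag gets prototype scope (compilers warn "declared inside parameter list will not be visible outside") and the declaration is not compatible with the definition in the .c file. Add `struct proto_ctx;` before the extern, the way payload.h already does with `struct eval_ctx;`, or include `<proto.h>` as exthdr.h and payload.h do in this commit. The top of meta.h is outside the hunk, so this may already be handled there.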
diff --git a/include/payload.h b/include/payload.h
index fa8d82e1..54d8d547 100644
--- a/include/payload.h
+++ b/include/payload.h
@@ -2,128 +2,16 @@
#define NFTABLES_PAYLOAD_H
#include <nftables.h>
-
-/**
- * enum payload_bases
- *
- * @PAYLOAD_BASE_INVALID: uninitialised, does not happen
- * @PAYLOAD_BASE_LL_HDR: link layer header
- * @PAYLOAD_BASE_NETWORK_HDR: network layer header
- * @PAYLOAD_BASE_TRANSPORT_HDR: transport layer header
- */
-enum payload_bases {
- PAYLOAD_BASE_INVALID,
- PAYLOAD_BASE_LL_HDR,
- PAYLOAD_BASE_NETWORK_HDR,
- PAYLOAD_BASE_TRANSPORT_HDR,
- __PAYLOAD_BASE_MAX
-};
-#define PAYLOAD_BASE_MAX (__PAYLOAD_BASE_MAX - 1)
-
-/**
- * struct payload_template - template for a payload header expression
- *
- * @token: parser token describing the header field
- * @dtype: data type of the expression
- * @offset: offset from base
- * @len: length of header field
- */
-struct payload_template {
- const char *token;
- const struct datatype *dtype;
- uint16_t offset;
- uint16_t len;
-};
-
-#define PAYLOAD_TEMPLATE(__token, __dtype, __offset, __len) \
- { \
- .token = (__token), \
- .dtype = (__dtype), \
- .offset = (__offset), \
- .len = (__len), \
- }
-
-#define PAYLOAD_PROTO_MAX 16
-#define PAYLOAD_TEMPLATE_MAX 20
-
-/**
- * struct payload_desc - payload protocol description
- *
- * @name: protocol name
- * @base: header base
- * @protocol_key: key of template containing upper layer protocol description
- * @protocols: link to upper layer protocol description indexed by protocol value
- * @templates: header templates
- */
-struct payload_desc {
- const char *name;
- enum payload_bases base;
- unsigned int protocol_key;
- struct {
- unsigned int num;
- const struct payload_desc *desc;
- } protocols[PAYLOAD_PROTO_MAX];
- struct payload_template templates[PAYLOAD_TEMPLATE_MAX];
-};
-
-#define PAYLOAD_PROTO(__num, __desc) { .num = (__num), .desc = (__desc), }
-
-/**
- * struct payload_hook_desc - description of constraints imposed by hook family
- *
- * @base: protocol base of packets
- * @desc: protocol description of packets
- */
-struct payload_hook_desc {
- enum payload_bases base;
- const struct payload_desc *desc;
-};
-
-#define PAYLOAD_HOOK(__base, __desc) { .base = (__base), .desc = (__desc), }
-
-/**
- * struct dev_payload_desc - description of device LL protocol
- *
- * @desc: protocol description
- * @type: arphrd value
- */
-struct dev_payload_desc {
- const struct payload_desc *desc;
- uint16_t type;
-};
-
-#define DEV_PAYLOAD_DESC(__type, __desc) { .type = (__type), .desc = (__desc), }
-
-/**
- * struct payload_ctx - payload expression protocol context
- *
- * @family: hook family
- * @location: location of expression defining the context
- * @desc: payload description for this layer
- *
- * The location of the context is the location of the relational expression
- * defining it, either directly through a protocol match or indirectly
- * through a dependency.
- */
-struct payload_ctx {
- unsigned int family;
- struct {
- struct location location;
- const struct payload_desc *desc;
- } protocol[PAYLOAD_BASE_MAX + 1];
-};
+#include <proto.h>
extern struct expr *payload_expr_alloc(const struct location *loc,
- const struct payload_desc *desc,
+ const struct proto_desc *desc,
unsigned int type);
-extern void payload_init_raw(struct expr *expr, enum payload_bases base,
+extern void payload_init_raw(struct expr *expr, enum proto_bases base,
unsigned int offset, unsigned int len);
-extern void payload_ctx_init(struct payload_ctx *ctx, unsigned int family);
-extern void payload_ctx_update_meta(struct payload_ctx *ctx,
- const struct expr *expr);
-extern void payload_ctx_update(struct payload_ctx *ctx,
- const struct expr *expr);
+extern void payload_expr_pctx_update(struct proto_ctx *ctx,
+ const struct expr *expr);
struct eval_ctx;
extern int payload_gen_dependency(struct eval_ctx *ctx, const struct expr *expr,
@@ -134,162 +22,8 @@ extern struct expr *payload_expr_join(const struct expr *e1,
const struct expr *e2);
extern void payload_expr_expand(struct list_head *list, struct expr *expr,
- const struct payload_ctx *ctx);
+ const struct proto_ctx *ctx);
extern void payload_expr_complete(struct expr *expr,
- const struct payload_ctx *ctx);
-
-enum eth_hdr_fields {
- ETHHDR_INVALID,
- ETHHDR_DADDR,
- ETHHDR_SADDR,
- ETHHDR_TYPE,
-};
-
-enum vlan_hdr_fields {
- VLANHDR_INVALID,
- VLANHDR_VID,
- VLANHDR_CFI,
- VLANHDR_PCP,
- VLANHDR_TYPE,
-};
-
-enum arp_hdr_fields {
- ARPHDR_INVALID,
- ARPHDR_HRD,
- ARPHDR_PRO,
- ARPHDR_HLN,
- ARPHDR_PLN,
- ARPHDR_OP,
-};
-
-enum ip_hdr_fields {
- IPHDR_INVALID,
- IPHDR_VERSION,
- IPHDR_HDRLENGTH,
- IPHDR_TOS,
- IPHDR_LENGTH,
- IPHDR_ID,
- IPHDR_FRAG_OFF,
- IPHDR_TTL,
- IPHDR_PROTOCOL,
- IPHDR_CHECKSUM,
- IPHDR_SADDR,
- IPHDR_DADDR,
-};
-
-enum icmp_hdr_fields {
- ICMPHDR_INVALID,
- ICMPHDR_TYPE,
- ICMPHDR_CODE,
- ICMPHDR_CHECKSUM,
- ICMPHDR_ID,
- ICMPHDR_SEQ,
- ICMPHDR_GATEWAY,
- ICMPHDR_MTU,
-};
-
-enum icmp6_hdr_fields {
- ICMP6HDR_INVALID,
- ICMP6HDR_TYPE,
- ICMP6HDR_CODE,
- ICMP6HDR_CHECKSUM,
- ICMP6HDR_PPTR,
- ICMP6HDR_MTU,
- ICMP6HDR_ID,
- ICMP6HDR_SEQ,
- ICMP6HDR_MAXDELAY,
-};
-
-enum ip6_hdr_fields {
- IP6HDR_INVALID,
- IP6HDR_VERSION,
- IP6HDR_PRIORITY,
- IP6HDR_FLOWLABEL,
- IP6HDR_LENGTH,
- IP6HDR_NEXTHDR,
- IP6HDR_HOPLIMIT,
- IP6HDR_SADDR,
- IP6HDR_DADDR,
- IP6HDR_PROTOCOL,
-};
-
-enum ah_hdr_fields {
- AHHDR_INVALID,
- AHHDR_NEXTHDR,
- AHHDR_HDRLENGTH,
- AHHDR_RESERVED,
- AHHDR_SPI,
- AHHDR_SEQUENCE,
-};
-
-enum esp_hdr_fields {
- ESPHDR_INVALID,
- ESPHDR_SPI,
- ESPHDR_SEQUENCE,
-};
-
-enum comp_hdr_fields {
- COMPHDR_INVALID,
- COMPHDR_NEXTHDR,
- COMPHDR_FLAGS,
- COMPHDR_CPI,
-};
-
-enum udp_hdr_fields {
- UDPHDR_INVALID,
- UDPHDR_SPORT,
- UDPHDR_DPORT,
- UDPHDR_LENGTH,
- UDPHDR_CSUMCOV = UDPHDR_LENGTH,
- UDPHDR_CHECKSUM,
-};
-
-enum tcp_hdr_fields {
- TCPHDR_INVALID,
- TCPHDR_SPORT,
- TCPHDR_DPORT,
- TCPHDR_SEQ,
- TCPHDR_ACKSEQ,
- TCPHDR_DOFF,
- TCPHDR_RESERVED,
- TCPHDR_FLAGS,
- TCPHDR_WINDOW,
- TCPHDR_CHECKSUM,
- TCPHDR_URGPTR,
-};
-
-enum dccp_hdr_fields {
- DCCPHDR_INVALID,
- DCCPHDR_SPORT,
- DCCPHDR_DPORT,
- DCCPHDR_TYPE,
-};
-
-enum sctp_hdr_fields {
- SCTPHDR_INVALID,
- SCTPHDR_SPORT,
- SCTPHDR_DPORT,
- SCTPHDR_VTAG,
- SCTPHDR_CHECKSUM,
-};
-
-extern const struct payload_desc payload_icmp;
-extern const struct payload_desc payload_ah;
-extern const struct payload_desc payload_esp;
-extern const struct payload_desc payload_comp;
-extern const struct payload_desc payload_udp;
-extern const struct payload_desc payload_udplite;
-extern const struct payload_desc payload_tcp;
-extern const struct payload_desc payload_dccp;
-extern const struct payload_desc payload_sctp;
-extern const struct payload_desc payload_icmp6;
-
-extern const struct payload_desc payload_ip;
-extern const struct payload_desc payload_ip6;
-
-extern const struct payload_desc payload_arp;
-
-extern const struct payload_desc payload_vlan;
-extern const struct payload_desc payload_eth;
+ const struct proto_ctx *ctx);
#endif /* NFTABLES_PAYLOAD_H */
diff --git a/include/proto.h b/include/proto.h
new file mode 100644
index 00000000..037ef09e
--- /dev/null
+++ b/include/proto.h
@@ -0,0 +1,287 @@
+#ifndef NFTABLES_PROTO_H
+#define NFTABLES_PROTO_H
+
+#include <nftables.h>
+
+/**
+ * enum proto_bases - protocol bases
+ *
+ * @PROTO_BASE_INVALID: uninitialised, does not happen
+ * @PROTO_BASE_LL_HDR: link layer header
+ * @PROTO_BASE_NETWORK_HDR: network layer header
+ * @PROTO_BASE_TRANSPORT_HDR: transport layer header
+ */
+enum proto_bases {
+ PROTO_BASE_INVALID,
+ PROTO_BASE_LL_HDR,
+ PROTO_BASE_NETWORK_HDR,
+ PROTO_BASE_TRANSPORT_HDR,
+ __PROTO_BASE_MAX
+};
+#define PROTO_BASE_MAX (__PROTO_BASE_MAX - 1)
+
+extern const char *proto_base_names[];
+extern const char *proto_base_tokens[];
+
+/**
+ * struct proto_hdr_template - protocol header field description
+ *
+ * @token: parser token describing the header field
+ * @dtype: data type of the header field
+ * @offset: offset of the header field from base
+ * @len: length of header field
+ */
+struct proto_hdr_template {
+ const char *token;
+ const struct datatype *dtype;
+ uint16_t offset;
+ uint16_t len;
+};
+
+#define PROTO_HDR_TEMPLATE(__token, __dtype, __offset, __len) \
+ { \
+ .token = (__token), \
+ .dtype = (__dtype), \
+ .offset = (__offset), \
+ .len = (__len), \
+ }
+
+#define PROTO_UPPER_MAX 16
+#define PROTO_HDRS_MAX 20
+
+/**
+ * struct proto_desc - protocol header description
+ *
+ * @name: protocol name
+ * @base: header base
+ * @protocol_key: key of template containing upper layer protocol description
+ * @protocols: link to upper layer protocol descriptions indexed by protocol value
+ * @templates: header templates
+ */
+struct proto_desc {
+ const char *name;
+ enum proto_bases base;
+ unsigned int protocol_key;
+ struct {
+ unsigned int num;
+ const struct proto_desc *desc;
+ } protocols[PROTO_UPPER_MAX];
+ struct proto_hdr_template templates[PROTO_HDRS_MAX];
+};
+
+#define PROTO_LINK(__num, __desc) { .num = (__num), .desc = (__desc), }
+
+/**
+ * struct hook_proto_desc - description of protocol constraints imposed by hook family
+ *
+ * @base: protocol base of packets
+ * @desc: protocol description of packets
+ */
+struct hook_proto_desc {
+ enum proto_bases base;
+ const struct proto_desc *desc;
+};
+
+#define HOOK_PROTO_DESC(__base, __desc) { .base = (__base), .desc = (__desc), }
+
+extern const struct hook_proto_desc hook_proto_desc[];
+
+/**
+ * struct dev_proto_desc - description of device LL protocol
+ *
+ * @desc: protocol description
+ * @type: arphrd value
+ */
+struct dev_proto_desc {
+ const struct proto_desc *desc;
+ uint16_t type;
+};
+
+#define DEV_PROTO_DESC(__type, __desc) { .type = (__type), .desc = (__desc), }
+
+extern int proto_dev_type(const struct proto_desc *desc, uint16_t *res);
+extern const struct proto_desc *proto_dev_desc(uint16_t type);
+
+/**
+ * struct proto_ctx - protocol context
+ *
+ * @family: hook family
+ * @location: location of the relational expression defining the context
+ * @desc: protocol description for this layer
+ *
+ * The location of the context is the location of the relational expression
+ * defining it, either directly through a protocol match or indirectly
+ * through a dependency.
+ */
+struct proto_ctx {
+ unsigned int family;
+ struct {
+ struct location location;
+ const struct proto_desc *desc;
+ } protocol[PROTO_BASE_MAX + 1];
+};
+
+extern void proto_ctx_init(struct proto_ctx *ctx, unsigned int family);
+extern const struct proto_desc *proto_find_upper(const struct proto_desc *base,
+ unsigned int num);
+extern int proto_find_num(const struct proto_desc *base,
+ const struct proto_desc *desc);
+
+enum eth_hdr_fields {
+ ETHHDR_INVALID,
+ ETHHDR_DADDR,
+ ETHHDR_SADDR,
+ ETHHDR_TYPE,
+};
+
+enum vlan_hdr_fields {
+ VLANHDR_INVALID,
+ VLANHDR_VID,
+ VLANHDR_CFI,
+ VLANHDR_PCP,
+ VLANHDR_TYPE,
+};
+
+enum arp_hdr_fields {
+ ARPHDR_INVALID,
+ ARPHDR_HRD,
+ ARPHDR_PRO,
+ ARPHDR_HLN,
+ ARPHDR_PLN,
+ ARPHDR_OP,
+};
+
+enum ip_hdr_fields {
+ IPHDR_INVALID,
+ IPHDR_VERSION,
+ IPHDR_HDRLENGTH,
+ IPHDR_TOS,
+ IPHDR_LENGTH,
+ IPHDR_ID,
+ IPHDR_FRAG_OFF,
+ IPHDR_TTL,
+ IPHDR_PROTOCOL,
+ IPHDR_CHECKSUM,
+ IPHDR_SADDR,
+ IPHDR_DADDR,
+};
+
+enum icmp_hdr_fields {
+ ICMPHDR_INVALID,
+ ICMPHDR_TYPE,
+ ICMPHDR_CODE,
+ ICMPHDR_CHECKSUM,
+ ICMPHDR_ID,
+ ICMPHDR_SEQ,
+ ICMPHDR_GATEWAY,
+ ICMPHDR_MTU,
+};
+
+enum icmp6_hdr_fields {
+ ICMP6HDR_INVALID,
+ ICMP6HDR_TYPE,
+ ICMP6HDR_CODE,
+ ICMP6HDR_CHECKSUM,
+ ICMP6HDR_PPTR,
+ ICMP6HDR_MTU,
+ ICMP6HDR_ID,
+ ICMP6HDR_SEQ,
+ ICMP6HDR_MAXDELAY,
+};
+
+enum ip6_hdr_fields {
+ IP6HDR_INVALID,
+ IP6HDR_VERSION,
+ IP6HDR_PRIORITY,
+ IP6HDR_FLOWLABEL,
+ IP6HDR_LENGTH,
+ IP6HDR_NEXTHDR,
+ IP6HDR_HOPLIMIT,
+ IP6HDR_SADDR,
+ IP6HDR_DADDR,
+ IP6HDR_PROTOCOL,
+};
+
+enum ah_hdr_fields {
+ AHHDR_INVALID,
+ AHHDR_NEXTHDR,
+ AHHDR_HDRLENGTH,
+ AHHDR_RESERVED,
+ AHHDR_SPI,
+ AHHDR_SEQUENCE,
+};
+
+enum esp_hdr_fields {
+ ESPHDR_INVALID,
+ ESPHDR_SPI,
+ ESPHDR_SEQUENCE,
+};
+
+enum comp_hdr_fields {
+ COMPHDR_INVALID,
+ COMPHDR_NEXTHDR,
+ COMPHDR_FLAGS,
+ COMPHDR_CPI,
+};
+
+enum udp_hdr_fields {
+ UDPHDR_INVALID,
+ UDPHDR_SPORT,
+ UDPHDR_DPORT,
+ UDPHDR_LENGTH,
+ UDPHDR_CSUMCOV = UDPHDR_LENGTH,
+ UDPHDR_CHECKSUM,
+};
+
+enum tcp_hdr_fields {
+ TCPHDR_INVALID,
+ TCPHDR_SPORT,
+ TCPHDR_DPORT,
+ TCPHDR_SEQ,
+ TCPHDR_ACKSEQ,
+ TCPHDR_DOFF,
+ TCPHDR_RESERVED,
+ TCPHDR_FLAGS,
+ TCPHDR_WINDOW,
+ TCPHDR_CHECKSUM,
+ TCPHDR_URGPTR,
+};
+
+enum dccp_hdr_fields {
+ DCCPHDR_INVALID,
+ DCCPHDR_SPORT,
+ DCCPHDR_DPORT,
+ DCCPHDR_TYPE,
+};
+
+enum sctp_hdr_fields {
+ SCTPHDR_INVALID,
+ SCTPHDR_SPORT,
+ SCTPHDR_DPORT,
+ SCTPHDR_VTAG,
+ SCTPHDR_CHECKSUM,
+};
+
+extern const struct proto_desc proto_icmp;
+extern const struct proto_desc proto_ah;
+extern const struct proto_desc proto_esp;
+extern const struct proto_desc proto_comp;
+extern const struct proto_desc proto_udp;
+extern const struct proto_desc proto_udplite;
+extern const struct proto_desc proto_tcp;
+extern const struct proto_desc proto_dccp;
+extern const struct proto_desc proto_sctp;
+extern const struct proto_desc proto_icmp6;
+
+extern const struct proto_desc proto_ip;
+extern const struct proto_desc proto_ip6;
+
+extern const struct proto_desc proto_arp;
+
+extern const struct proto_desc proto_vlan;
+extern const struct proto_desc proto_eth;
+
+extern const struct proto_desc proto_unknown;
+extern const struct proto_hdr_template proto_unknown_template;
+
+#endif /* NFTABLES_PROTO_H */
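Review bot: The four function prototypes `proto_dev_type`, `proto_dev_desc`, `proto_find_upper` and `proto_find_num` are the only declarations in the new header without a kerneldoc comment, so their return convention is unspecified: what `proto_dev_type` returns for a descriptor with no arphrd mapping, and what `proto_find_upper`/`proto_find_num` yield when the lookup misses (NULL, a negative value, or `proto_unknown`), cannot be told from the header. A one-line comment per prototype stating the miss value and, for `proto_dev_type`, whether `*res` is written on failure would let callers check results without reading the implementation. The `struct proto_ctx` comment documents `@location` and `@desc` but not the `protocol` array that holds them; `@protocol: per-layer context, one slot per enum proto_bases value` would explain the `PROTO_BASE_MAX + 1` sizing. Separately, `__PROTO_BASE_MAX` and the `__token`/`__num`/`__base`-style macro parameters are identifiers reserved for the implementation by C11 7.1.3; a single or no leading underscore avoids the collision risk, though this follows the convention of the payload.h code being moved.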
diff --git a/include/rule.h b/include/rule.h
index 6ad8af3b..2a7b7980 100644
--- a/include/rule.h
+++ b/include/rule.h
@@ -292,7 +292,7 @@ struct eval_ctx {
struct set *set;
struct stmt *stmt;
struct expr_ctx ectx;
- struct payload_ctx pctx;
+ struct proto_ctx pctx;
};
extern int evaluate(struct eval_ctx *ctx, struct list_head *commands);