summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/netlink_delinearize.c2
-rw-r--r--src/payload.c14
2 files changed, 15 insertions, 1 deletions
diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c
index 1e94af49..90553836 100644
--- a/src/netlink_delinearize.c
+++ b/src/netlink_delinearize.c
@@ -1841,7 +1841,7 @@ static void expr_postprocess(struct rule_pp_ctx *ctx, struct expr **exprp)
expr_postprocess(ctx, &expr->key);
break;
case EXPR_EXTHDR:
- __payload_dependency_kill(&ctx->pdctx, PROTO_BASE_NETWORK_HDR);
+ exthdr_dependency_kill(&ctx->pdctx, expr);
break;
case EXPR_SET_REF:
case EXPR_META:
diff --git a/src/payload.c b/src/payload.c
index 0207296e..169954ba 100644
--- a/src/payload.c
+++ b/src/payload.c
@@ -410,6 +410,20 @@ void payload_dependency_kill(struct payload_dep_ctx *ctx, struct expr *expr)
__payload_dependency_kill(ctx, expr->payload.base);
}
+void exthdr_dependency_kill(struct payload_dep_ctx *ctx, struct expr *expr)
+{
+ switch (expr->exthdr.op) {
+ case NFT_EXTHDR_OP_TCPOPT:
+ __payload_dependency_kill(ctx, PROTO_BASE_TRANSPORT_HDR);
+ break;
+ case NFT_EXTHDR_OP_IPV6:
+ __payload_dependency_kill(ctx, PROTO_BASE_NETWORK_HDR);
+ break;
+ default:
+ break;
+ }
+}
+
/**
* payload_expr_complete - fill in type information of a raw payload expr
*