From a5c4a5365e141dce83343233c83f4e7facb02ceb Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso
Date: Wed, 17 Nov 2021 11:10:06 +0100
Subject: parser_json: add raw payload inner header match support

Add missing "ih" base raw payload and extend tests/py to cover this new usecase.

Signed-off-by: Pablo Neira Ayuso
---
 src/parser_json.c | 2 ++
 tests/py/any/rawpayload.t | 2 ++
 tests/py/any/rawpayload.t.json | 17 +++++++++++++++++
 tests/py/any/rawpayload.t.payload | 6 ++++++
 4 files changed, 27 insertions(+)

diff --git a/src/parser_json.c b/src/parser_json.c
index 3cd21175..7a2d30ff 100644
--- a/src/parser_json.c
+++ b/src/parser_json.c
@@ -558,6 +558,8 @@ static struct expr *json_parse_payload_expr(struct json_ctx *ctx,
 val = PROTO_BASE_NETWORK_HDR;
 } else if (!strcmp(base, "th")) {
 val = PROTO_BASE_TRANSPORT_HDR;
+ } else if (!strcmp(base, "ih")) {
+ val = PROTO_BASE_INNER_HDR;
 } else {
 json_error(ctx, "Invalid payload base '%s'.", base);
 return NULL;
diff --git a/tests/py/any/rawpayload.t b/tests/py/any/rawpayload.t
index 9fe377e2..128e8088 100644
--- a/tests/py/any/rawpayload.t
+++ b/tests/py/any/rawpayload.t
@@ -18,3 +18,5 @@ meta l4proto tcp @th,16,16 { 22, 23, 80};ok;tcp dport { 22, 23, 80}
 @ll,0,1 1;ok;@ll,0,8 & 0x80 == 0x80
 @ll,0,8 & 0x80 == 0x80;ok
 @ll,0,128 0xfedcba987654321001234567890abcde;ok
+
+@ih,32,32 0x14000000;ok
diff --git a/tests/py/any/rawpayload.t.json b/tests/py/any/rawpayload.t.json
index 9481d9bf..b5115e0d 100644
--- a/tests/py/any/rawpayload.t.json
+++ b/tests/py/any/rawpayload.t.json
@@ -156,3 +156,20 @@
 }
 ]
 
+# @ih,32,32 0x14000000
+[
+ {
+ "match": {
+ "left": {
+ "payload": {
+ "base": "ih",
+ "len": 32,
+ "offset": 32
+ }
+ },
+ "op": "==",
+ "right": 335544320
+ }
+ }
+]
+
diff --git a/tests/py/any/rawpayload.t.payload b/tests/py/any/rawpayload.t.payload
index d2b38183..61c41cb9 100644
--- a/tests/py/any/rawpayload.t.payload
+++ b/tests/py/any/rawpayload.t.payload
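Review bot: In src/parser_json.c, the fall-through `json_error(ctx, "Invalid payload base '%s'.", base);` still does not say which bases are accepted, and with "ih" added the set a ruleset author has to know is larger than before. Naming them in the message would help whoever debugs a rejected ruleset, e.g. `json_error(ctx, "Invalid payload base '%s', expected ll, nh, th or ih.", base);` (confirm the names against the branches above the hunk, which are not visible here). The diffstat touches only the parser and the tests, so the JSON schema documentation presumably still needs the new base listed as well. json_parse_payload_expr starts and ends outside the hunk.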
@@ -47,3 +47,9 @@ inet test-inet input
 inet test-inet input
 [ payload load 16b @ link header + 0 => reg 1 ]
 [ cmp eq reg 1 0x98badcfe 0x10325476 0x67452301 0xdebc0a89 ]
+
+# @ih,32,32 0x14000000
+inet test-inet input
+ [ payload load 4b @ inner header + 4 => reg 1 ]
+ [ cmp eq reg 1 0x00000014 ]
+
--
cgit v1.2.3