From 98b871512c4677848a12e8204fe35eb870660304 Mon Sep 17 00:00:00 2001 From: Florian Westphal Date: Tue, 8 Dec 2020 15:49:42 +0100 Subject: src: add auto-dependencies for ipv4 icmp The ICMP header has field values that are only exist for certain types. Mark the icmp proto 'type' field as a nextheader field and add a new th description to store the icmp type dependency. This can later be re-used for other protocol dependend definitions such as mptcp options -- which are all share the same tcp option number and have a special 4 bit marker inside the mptcp option space that tells how the remaining option looks like. Signed-off-by: Florian Westphal --- src/evaluate.c | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) (limited to 'src/evaluate.c') diff --git a/src/evaluate.c b/src/evaluate.c index 76b25b40..3eb8e1bf 100644 --- a/src/evaluate.c +++ b/src/evaluate.c @@ -706,7 +706,8 @@ static int __expr_evaluate_payload(struct eval_ctx *ctx, struct expr *expr) return -1; rule_stmt_insert_at(ctx->rule, nstmt, ctx->stmt); - return 0; + desc = ctx->pctx.protocol[base].desc; + goto check_icmp; } if (payload->payload.base == desc->base && @@ -724,7 +725,24 @@ static int __expr_evaluate_payload(struct eval_ctx *ctx, struct expr *expr) * if needed. */ if (desc == payload->payload.desc) { + const struct proto_hdr_template *tmpl; + payload->payload.offset += ctx->pctx.protocol[base].offset; +check_icmp: + if (desc != &proto_icmp) + return 0; + + tmpl = expr->payload.tmpl; + + if (!tmpl || !tmpl->icmp_dep) + return 0; + + if (payload_gen_icmp_dependency(ctx, expr, &nstmt) < 0) + return -1; + + if (nstmt) + rule_stmt_insert_at(ctx->rule, nstmt, ctx->stmt); + return 0; } /* If we already have context and this payload is on the same -- cgit v1.2.3