From 3edb96200690b804ceb76a9fb0ae441ed7d4d8f0 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Wed, 3 Apr 2019 23:40:04 +0200
Subject: parser_bison: missing tproxy syntax with port only for inet family

 # nft add rule inet filter divert ip daddr 0.0.0.0/0 meta l4proto tcp tproxy ip to :2000
 Error: syntax error, unexpected colon
 add rule inet filter divert ip daddr 0.0.0.0/0 meta l4proto tcp tproxy ip to :2000
                                                                              ^

Syntax with no protocol for tproxy complains with:

 # nft add rule inet filter divert ip daddr 0.0.0.0/0 meta l4proto tcp tproxy to :2000
 Error: Conflicting network layer protocols.
 add rule inet filter divert ip daddr 0.0.0.0/0 meta l4proto tcp tproxy to :2000
                                                                 ^^^^^^^^^^^^^^^

Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1310
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 tests/py/ip/tproxy.t         | 2 +-
 tests/py/ip/tproxy.t.payload | 8 ++++++++
 2 files changed, 9 insertions(+), 1 deletion(-)

(limited to 'tests/py/ip')

diff --git a/tests/py/ip/tproxy.t b/tests/py/ip/tproxy.t
index dbd8f5e9..966898c0 100644
--- a/tests/py/ip/tproxy.t
+++ b/tests/py/ip/tproxy.t
@@ -11,4 +11,4 @@ meta l4proto 6 tproxy to 192.0.2.1:50080;ok
 ip protocol 6 tproxy to :50080;ok
 meta l4proto 17 tproxy ip to 192.0.2.1;ok;meta l4proto 17 tproxy to 192.0.2.1
 meta l4proto 6 tproxy ip to 192.0.2.1:50080;ok;meta l4proto 6 tproxy to 192.0.2.1:50080
-ip protocol 6 tproxy ip to :50080;fail
+ip protocol 6 tproxy ip to :50080;ok
diff --git a/tests/py/ip/tproxy.t.payload b/tests/py/ip/tproxy.t.payload
index 035651f4..dfe830ec 100644
--- a/tests/py/ip/tproxy.t.payload
+++ b/tests/py/ip/tproxy.t.payload
@@ -34,3 +34,11 @@ ip x y
   [ immediate reg 1 0x010200c0 ]
   [ immediate reg 2 0x0000a0c3 ]
   [ tproxy ip addr reg 1 port reg 2 ]
+
+# ip protocol 6 tproxy ip to :50080
+ip x y 
+  [ payload load 1b @ network header + 9 => reg 1 ]
+  [ cmp eq reg 1 0x00000006 ]
+  [ immediate reg 1 0x0000a0c3 ]
+  [ tproxy ip port reg 1 ]
+
-- 
cgit v1.2.3