nft: support ttl/hoplimit dissection

xlate raw "nft ... ttl eq 1" and so on to the ttl/hl matches. Signed-off-by: Florian Westphal <fw@strlen.de> Reviewed-by: Phil Sutter <phil@nwl.cc>
author: Florian Westphal <fw@strlen.de> 2022-09-12 10:58:44 +0200
committer: Florian Westphal <fw@strlen.de> 2022-09-13 14:14:38 +0200
commit: b4fd0f682b53609c747e6dd69cc5024545d4b90c (patch)
tree: 22ffb65b47917d61393b42d6171dbb96b0ae22ce /iptables/nft-ipv6.c
parent: 0da2d1a35bd70d37f72d594927c0649d1dea4f7c (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/iptables/nft-ipv6.c b/iptables/nft-ipv6.c
index 9a29d18b..0ab1f971 100644
--- a/iptables/nft-ipv6.c
+++ b/iptables/nft-ipv6.c
@@ -169,6 +169,9 @@ static void nft_ipv6_parse_payload(struct nft_xt_ctx *ctx,
 		cs->fw6.ipv6.proto = proto;
 		if (inv)
 			cs->fw6.ipv6.invflags |= IP6T_INV_PROTO;
+	case offsetof(struct ip6_hdr, ip6_hlim):
+		nft_parse_hl(ctx, e, cs);
+		break;
 	default:
 		DEBUGP("unknown payload offset %d\n", ctx->payload.offset);
 		break;
author	Florian Westphal <fw@strlen.de>	2022-09-12 10:58:44 +0200
committer	Florian Westphal <fw@strlen.de>	2022-09-13 14:14:38 +0200
commit	b4fd0f682b53609c747e6dd69cc5024545d4b90c (patch)
tree	22ffb65b47917d61393b42d6171dbb96b0ae22ce /iptables/nft-ipv6.c
parent	0da2d1a35bd70d37f72d594927c0649d1dea4f7c (diff)