diff options
author | Phil Sutter <phil@nwl.cc> | 2019-08-20 22:09:04 +0200 |
---|---|---|
committer | Phil Sutter <phil@nwl.cc> | 2019-11-25 23:31:08 +0100 |
commit | b34bfe69c670d648cfc3d0c00ef1567894894df5 (patch) | |
tree | 75bfa829f63f96ecdf91021d03bd454c89fe77ca /iptables/nft-shared.c | |
parent | e104dcc80d54001a6a739a0a60f4a60a9f654d79 (diff) |
nft: Bore up nft_parse_payload()
Allow for closer inspection by storing payload expression's base and
length values. Also facilitate for two consecutive payload expressions
as LHS of a (cmp/lookup) statement as used with concatenations.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'iptables/nft-shared.c')
-rw-r--r-- | iptables/nft-shared.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/iptables/nft-shared.c b/iptables/nft-shared.c index 80d4e1fc..a67302ee 100644 --- a/iptables/nft-shared.c +++ b/iptables/nft-shared.c @@ -445,8 +445,16 @@ static void nft_parse_meta(struct nft_xt_ctx *ctx, struct nftnl_expr *e) static void nft_parse_payload(struct nft_xt_ctx *ctx, struct nftnl_expr *e) { + if (ctx->flags & NFT_XT_CTX_PAYLOAD) { + memcpy(&ctx->prev_payload, &ctx->payload, + sizeof(ctx->prev_payload)); + ctx->flags |= NFT_XT_CTX_PREV_PAYLOAD; + } + ctx->reg = nftnl_expr_get_u32(e, NFTNL_EXPR_META_DREG); + ctx->payload.base = nftnl_expr_get_u32(e, NFTNL_EXPR_PAYLOAD_BASE); ctx->payload.offset = nftnl_expr_get_u32(e, NFTNL_EXPR_PAYLOAD_OFFSET); + ctx->payload.len = nftnl_expr_get_u32(e, NFTNL_EXPR_PAYLOAD_LEN); ctx->flags |= NFT_XT_CTX_PAYLOAD; } |