summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--iptables/nft-shared.c9
-rw-r--r--iptables/nft-shared.h3
2 files changed, 9 insertions, 3 deletions
diff --git a/iptables/nft-shared.c b/iptables/nft-shared.c
index c368f40b..c0ee4c8a 100644
--- a/iptables/nft-shared.c
+++ b/iptables/nft-shared.c
@@ -91,6 +91,11 @@ void add_cmp_ptr(struct nft_rule *r, uint32_t op, void *data, size_t len)
nft_rule_add_expr(r, expr);
}
+void add_cmp_u8(struct nft_rule *r, uint8_t val, uint32_t op)
+{
+ add_cmp_ptr(r, op, &val, sizeof(val));
+}
+
void add_cmp_u16(struct nft_rule *r, uint16_t val, uint32_t op)
{
add_cmp_ptr(r, op, &val, sizeof(val));
@@ -159,7 +164,7 @@ void add_addr(struct nft_rule *r, int offset,
}
void add_proto(struct nft_rule *r, int offset, size_t len,
- uint32_t proto, int invflags)
+ uint8_t proto, int invflags)
{
uint32_t op;
@@ -170,7 +175,7 @@ void add_proto(struct nft_rule *r, int offset, size_t len,
else
op = NFT_CMP_EQ;
- add_cmp_u32(r, proto, op);
+ add_cmp_u8(r, proto, op);
}
bool is_same_interfaces(const char *a_iniface, const char *a_outiface,
diff --git a/iptables/nft-shared.h b/iptables/nft-shared.h
index 59734d9d..c59ab21a 100644
--- a/iptables/nft-shared.h
+++ b/iptables/nft-shared.h
@@ -59,6 +59,7 @@ void add_meta(struct nft_rule *r, uint32_t key);
void add_payload(struct nft_rule *r, int offset, int len);
void add_bitwise_u16(struct nft_rule *r, int mask, int xor);
void add_cmp_ptr(struct nft_rule *r, uint32_t op, void *data, size_t len);
+void add_cmp_u8(struct nft_rule *r, uint8_t val, uint32_t op);
void add_cmp_u16(struct nft_rule *r, uint16_t val, uint32_t op);
void add_cmp_u32(struct nft_rule *r, uint32_t val, uint32_t op);
void add_iniface(struct nft_rule *r, char *iface, int invflags);
@@ -66,7 +67,7 @@ void add_outiface(struct nft_rule *r, char *iface, int invflags);
void add_addr(struct nft_rule *r, int offset,
void *data, size_t len, int invflags);
void add_proto(struct nft_rule *r, int offset, size_t len,
- uint32_t proto, int invflags);
+ uint8_t proto, int invflags);
void add_compat(struct nft_rule *r, uint32_t proto, bool inv);
bool is_same_interfaces(const char *a_iniface, const char *a_outiface,