summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFlorian Westphal <fw@strlen.de>2014-01-26 14:52:47 +0100
committerFlorian Westphal <fw@strlen.de>2015-09-18 00:06:07 +0200
commita217645763027da6856efe037c4d3e44abe9d79e (patch)
treec25a0cd75c5562b51612fc96af820a1096b35513
parent7c587d4b4d05a24cedcb2b0b339c18d79b9d4eb2 (diff)
nft: fill in doff and fix ihl/version template entries
This allows to use nft add rule ip filter input tcp doff 8 or similar. Furhermore, ip version looked at hdrlen and vice versa. Signed-off-by: Florian Westphal <fw@strlen.de>
-rw-r--r--src/proto.c10
1 files changed, 6 insertions, 4 deletions
diff --git a/src/proto.c b/src/proto.c
index b2aeac48..28b93cbc 100644
--- a/src/proto.c
+++ b/src/proto.c
@@ -403,8 +403,10 @@ const struct proto_desc proto_tcp = {
[TCPHDR_DPORT] = INET_SERVICE("dport", struct tcphdr, dest),
[TCPHDR_SEQ] = TCPHDR_FIELD("sequence", seq),
[TCPHDR_ACKSEQ] = TCPHDR_FIELD("ackseq", ack_seq),
- [TCPHDR_DOFF] = {},
- [TCPHDR_RESERVED] = {},
+ [TCPHDR_DOFF] = HDR_BITFIELD("doff", &integer_type,
+ (12 * BITS_PER_BYTE) + 4, 4),
+ [TCPHDR_RESERVED] = HDR_BITFIELD("reserved", &integer_type,
+ (12 * BITS_PER_BYTE) + 0, 4),
[TCPHDR_FLAGS] = HDR_BITFIELD("flags", &tcp_flag_type,
13 * BITS_PER_BYTE,
BITS_PER_BYTE),
@@ -502,8 +504,8 @@ const struct proto_desc proto_ip = {
PROTO_LINK(IPPROTO_SCTP, &proto_sctp),
},
.templates = {
- [IPHDR_VERSION] = HDR_BITFIELD("version", &integer_type, 0, 4),
- [IPHDR_HDRLENGTH] = HDR_BITFIELD("hdrlength", &integer_type, 4, 4),
+ [IPHDR_VERSION] = HDR_BITFIELD("version", &integer_type, 4, 4),
+ [IPHDR_HDRLENGTH] = HDR_BITFIELD("hdrlength", &integer_type, 0, 4),
[IPHDR_TOS] = IPHDR_FIELD("tos", tos),
[IPHDR_LENGTH] = IPHDR_FIELD("length", tot_len),
[IPHDR_ID] = IPHDR_FIELD("id", id),