diff options
author | Patrick McHardy <kaber@trash.net> | 2014-01-08 13:02:16 +0000 |
---|---|---|
committer | Patrick McHardy <kaber@trash.net> | 2014-01-08 13:02:16 +0000 |
commit | ffdc2e402e76329c8dde88daab55791d6c6f5dd3 (patch) | |
tree | 31d19e38c4a46fb943576f6bec935a7931058853 /include/ct.h | |
parent | caa45d4a94ccf62041c1e4dc47310068a41f5f29 (diff) |
ct expr: protocol context updates and dynamic typing
Include the protocols defined through relational ct expressions in the
protocol context and use the protocol context to dynamically determine
the types of network and transport layer ct expression types.
Before:
$ nft filter output ct proto-dst ssh
<cmdline>:1:28-30: Error: Can't parse symbolic invalid expressions
filter output ct proto-dst ssh
^^^
$ nft filter output ip protocol tcp ct proto-dst ssh
<cmdline>:1:44-46: Error: Can't parse symbolic invalid expressions
filter output ip protocol tcp ct proto-dst ssh
^^^
$ nft filter output ct protocol tcp ct proto-dst ssh
<cmdline>:1:44-46: Error: Can't parse symbolic invalid expressions
filter output ct protocol tcp ct proto-dst ssh
^^^
After:
$ nft filter output ct proto-dst ssh
<cmdline>:1:28-30: Error: Can't parse symbolic invalid expressions
filter output ct proto-dst ssh
^^^
$ nft filter output ip protocol tcp ct proto-dst ssh
$ nft filter output ct protocol tcp ct proto-dst ssh
Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'include/ct.h')
-rw-r--r-- | include/ct.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/include/ct.h b/include/ct.h index 67718c84..64366ab7 100644 --- a/include/ct.h +++ b/include/ct.h @@ -25,5 +25,6 @@ struct ct_template { extern struct expr *ct_expr_alloc(const struct location *loc, enum nft_ct_keys key); +extern void ct_expr_update_type(struct proto_ctx *ctx, struct expr *expr); #endif /* NFTABLES_CT_H */ |