path: root/include/mnl.h
diff options
authorPablo Neira Ayuso <>2013-12-27 12:48:40 +0100
committerPablo Neira Ayuso <>2013-12-28 23:05:36 +0100
commita54d7b05fb241dae62039d2c200e9a18941cf250 (patch)
tree468effca3721361266d79ab9960131cb2b0c7589 /include/mnl.h
parent173de1e0bcc2e9d25134f52015d16b47f02e9a8a (diff)
netlink: fix dictionary feature with data mappings
This patch fixes dictionary feature, that allows you to conditionally set packet fields based on a given selector, eg. add rule ip filter input meta dnat set tcp dport map { 22 =>, 23 => } This means that traffic flowing to tcp port 22 is dnatted to address and tcp port 23 is dnatted to address This feature was partially broken by aae836a ("src: use libnftables") although it also needs the kernel fix ("netfilter: nf_tables: fix wrong datatype in nft_validate_data_load()"). This patch also fixes endianness issues when displaying the mark via `list table' related to list_setelem_cb() since the byteorder was left unset for the data part of a set element. meta mark set tcp dport map { telnet => 0x02000000, ssh => 0x01000000} ^ ^ Note the wrong endianness in the example above. Signed-off-by: Pablo Neira Ayuso <>
Diffstat (limited to 'include/mnl.h')
0 files changed, 0 insertions, 0 deletions