diff options
author | Florian Westphal <fw@strlen.de> | 2022-08-01 13:03:18 +0200 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2022-08-05 01:46:39 +0200 |
commit | b1e3ed0335d13d206a2a2698a1ba189fa396dbf3 (patch) | |
tree | 51609a4e474e915ad6e851eab0fbca82d2b38c8c /include | |
parent | f680055cd4377f2f531f5f77b3aaa7550988665d (diff) |
netlink_delinearize: also postprocess OP_AND in set element context
Pablo reports:
add rule netdev nt y update @macset { vlan id timeout 5s }
listing still shows the raw expression:
update @macset { @ll,112,16 & 0xfff timeout 5s }
so also cover the 'set element' case.
Reported-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'include')
-rw-r--r-- | include/netlink.h | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/include/netlink.h b/include/netlink.h index 71c888fa..63d07edf 100644 --- a/include/netlink.h +++ b/include/netlink.h @@ -44,8 +44,10 @@ struct netlink_parse_ctx { #define RULE_PP_IN_CONCATENATION (1 << 0) +#define RULE_PP_IN_SET_ELEM (1 << 1) -#define RULE_PP_REMOVE_OP_AND (RULE_PP_IN_CONCATENATION) +#define RULE_PP_REMOVE_OP_AND (RULE_PP_IN_CONCATENATION | \ + RULE_PP_IN_SET_ELEM) struct rule_pp_ctx { struct proto_ctx pctx; |