netlink_delinearize: also postprocess OP_AND in set element context

Pablo reports: add rule netdev nt y update @macset { vlan id timeout 5s } listing still shows the raw expression: update @macset { @ll,112,16 & 0xfff timeout 5s } so also cover the 'set element' case. Reported-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Florian Westphal <fw@strlen.de>
author: Florian Westphal <fw@strlen.de> 2022-08-01 13:03:18 +0200
committer: Florian Westphal <fw@strlen.de> 2022-08-05 01:46:39 +0200
commit: b1e3ed0335d13d206a2a2698a1ba189fa396dbf3 (patch)
tree: 51609a4e474e915ad6e851eab0fbca82d2b38c8c /include
parent: f680055cd4377f2f531f5f77b3aaa7550988665d (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/include/netlink.h b/include/netlink.h
index 71c888fa..63d07edf 100644
--- a/include/netlink.h
+++ b/include/netlink.h
@@ -44,8 +44,10 @@ struct netlink_parse_ctx {
 
 
 #define RULE_PP_IN_CONCATENATION	(1 << 0)
+#define RULE_PP_IN_SET_ELEM		(1 << 1)
 
-#define RULE_PP_REMOVE_OP_AND		(RULE_PP_IN_CONCATENATION)
+#define RULE_PP_REMOVE_OP_AND		(RULE_PP_IN_CONCATENATION | \
+					 RULE_PP_IN_SET_ELEM)
 
 struct rule_pp_ctx {
 	struct proto_ctx	pctx;
author	Florian Westphal <fw@strlen.de>	2022-08-01 13:03:18 +0200
committer	Florian Westphal <fw@strlen.de>	2022-08-05 01:46:39 +0200
commit	b1e3ed0335d13d206a2a2698a1ba189fa396dbf3 (patch)
tree	51609a4e474e915ad6e851eab0fbca82d2b38c8c /include
parent	f680055cd4377f2f531f5f77b3aaa7550988665d (diff)