diff options
author | Phil Sutter <phil@nwl.cc> | 2017-03-10 18:13:51 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-03-10 19:01:21 +0100 |
commit | e02bd59c4009bedba89da88b199e715441975439 (patch) | |
tree | 89dd9f1959adf4065d23da80053e119fe1483500 /src/evaluate.c | |
parent | 627be570eff8f05849614a257e6fa45c744f4dbd (diff) |
exthdr: Implement existence check
This allows to check for existence of an IPv6 extension or TCP
option header by using the following syntax:
| exthdr frag exists
| tcpopt window exists
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/evaluate.c')
-rw-r--r-- | src/evaluate.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/evaluate.c b/src/evaluate.c index efcafc72..7c039cba 100644 --- a/src/evaluate.c +++ b/src/evaluate.c @@ -432,6 +432,9 @@ static int __expr_evaluate_exthdr(struct eval_ctx *ctx, struct expr **exprp) { struct expr *expr = *exprp; + if (expr->exthdr.flags & NFT_EXTHDR_F_PRESENT) + expr->dtype = &boolean_type; + if (expr_evaluate_primary(ctx, exprp) < 0) return -1; |