summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorFlorian Westphal <fw@strlen.de>2018-02-25 19:46:04 +0100
committerFlorian Westphal <fw@strlen.de>2018-02-26 18:29:39 +0100
commite277fa7d015bd3f5d5d20be2c5adc4723f1867b2 (patch)
treeebf8fd2891d3dec70185980cbb17feac867c47d8 /src
parentd3b6a35d20040e62b1d88aeedccbe2184f06408e (diff)
src: make raw payloads work
make syntax consistent between print and parse. No dependency handling -- once you use raw expression, you need to make sure the raw expression only sees the packets that you'd want it to see. based on an earlier patch from Laurent Fasnacht <l@libres.ch>. Laurents patch added a different syntax: @<protocol>,<base>,<data type>,<offset>,<length> data_type is useful to make nftables not err when asking for "@payload,32,32 192.168.0.1", this patch still requires manual convsersion to an integer type (hex or decimal notation). data_type should probably be added later by adding an explicit cast expression, independent of the raw payload syntax. Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'src')
-rw-r--r--src/evaluate.c3
-rw-r--r--src/parser_bison.y3
-rw-r--r--src/payload.c2
3 files changed, 7 insertions, 1 deletions
diff --git a/src/evaluate.c b/src/evaluate.c
index c98749d9..6be3bf03 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -609,6 +609,9 @@ static int __expr_evaluate_payload(struct eval_ctx *ctx, struct expr *expr)
struct stmt *nstmt;
int err;
+ if (expr->ops->type == EXPR_PAYLOAD && expr->payload.is_raw)
+ return 0;
+
desc = ctx->pctx.protocol[base].desc;
if (desc == NULL) {
if (payload_gen_dependency(ctx, payload, &nstmt) < 0)
diff --git a/src/parser_bison.y b/src/parser_bison.y
index 56341115..ec8b0dd8 100644
--- a/src/parser_bison.y
+++ b/src/parser_bison.y
@@ -3465,6 +3465,9 @@ payload_raw_expr : AT payload_base_spec COMMA NUM COMMA NUM
$$->payload.offset = $4;
$$->len = $6;
$$->dtype = &integer_type;
+ $$->byteorder = BYTEORDER_BIG_ENDIAN;
+ $$->payload.is_raw = true;
+ $$->flags = 0;
}
;
diff --git a/src/payload.c b/src/payload.c
index ef437b44..09665a0e 100644
--- a/src/payload.c
+++ b/src/payload.c
@@ -48,7 +48,7 @@ static void payload_expr_print(const struct expr *expr, struct output_ctx *octx)
if (payload_is_known(expr))
nft_print(octx, "%s %s", desc->name, tmpl->token);
else
- nft_print(octx, "payload @%s,%u,%u",
+ nft_print(octx, "@%s,%u,%u",
proto_base_tokens[expr->payload.base],
expr->payload.offset, expr->len);
}