summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2020-04-27 12:21:34 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2020-04-28 17:32:35 +0200
commitf9465cf517ccc88d5ebfa4c7e3cbb2ed1bc899b0 (patch)
tree382816613ef4cb2ee7efa27f72708645cb0dff75 /src
parent35a6b10c1bc488ca195e9c641563c29251f725f3 (diff)
src: add STMT_NAT_F_CONCAT flag and use it
Replace ipportmap boolean field by flags. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
-rw-r--r--src/evaluate.c2
-rw-r--r--src/netlink_delinearize.0
-rw-r--r--src/netlink_delinearize.c2
-rw-r--r--src/netlink_linearize.c6
-rw-r--r--src/parser_bison.y2
-rw-r--r--src/statement.c2
6 files changed, 7 insertions, 7 deletions
diff --git a/src/evaluate.c b/src/evaluate.c
index a116f7b6..cad65cfb 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -2973,7 +2973,7 @@ static int stmt_evaluate_nat(struct eval_ctx *ctx, struct stmt *stmt)
if (err < 0)
return err;
- if (stmt->nat.ipportmap) {
+ if (stmt->nat.type_flags & STMT_NAT_F_CONCAT) {
err = stmt_evaluate_nat_map(ctx, stmt);
if (err < 0)
return err;
diff --git a/src/netlink_delinearize. b/src/netlink_delinearize.
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/src/netlink_delinearize.
diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c
index b039a1e3..772559c8 100644
--- a/src/netlink_delinearize.c
+++ b/src/netlink_delinearize.c
@@ -1110,7 +1110,7 @@ static void netlink_parse_nat(struct netlink_parse_ctx *ctx,
if (is_nat_proto_map(addr, family)) {
stmt->nat.family = family;
- stmt->nat.ipportmap = true;
+ stmt->nat.type_flags |= STMT_NAT_F_CONCAT;
ctx->stmt = stmt;
return;
}
diff --git a/src/netlink_linearize.c b/src/netlink_linearize.c
index 944fcdae..08f7f89f 100644
--- a/src/netlink_linearize.c
+++ b/src/netlink_linearize.c
@@ -1127,15 +1127,15 @@ static void netlink_gen_nat_stmt(struct netlink_linearize_ctx *ctx,
}
}
- if (stmt->nat.ipportmap) {
+ if (stmt->nat.type_flags & STMT_NAT_F_CONCAT) {
/* nat_stmt evaluation step doesn't allow
- * stmt->nat.ipportmap && stmt->nat.proto.
+ * STMT_NAT_F_CONCAT && stmt->nat.proto.
*/
assert(stmt->nat.proto == NULL);
pmin_reg = amin_reg;
- /* if ipportmap is set, the mapped type is a
+ /* if STMT_NAT_F_CONCAT is set, the mapped type is a
* concatenation of 'addr . inet_service'.
* The map lookup will then return the
* concatenated value, so we need to skip
diff --git a/src/parser_bison.y b/src/parser_bison.y
index 3b470cc6..b1e869d5 100644
--- a/src/parser_bison.y
+++ b/src/parser_bison.y
@@ -3192,7 +3192,7 @@ nat_stmt_args : stmt_expr
{
$<stmt>0->nat.family = $1;
$<stmt>0->nat.addr = $6;
- $<stmt>0->nat.ipportmap = true;
+ $<stmt>0->nat.type_flags = STMT_NAT_F_CONCAT;
}
| nf_key_proto INTERVAL TO stmt_expr
{
diff --git a/src/statement.c b/src/statement.c
index 8a1cd6e0..21a1bc8d 100644
--- a/src/statement.c
+++ b/src/statement.c
@@ -607,7 +607,7 @@ static void nat_stmt_print(const struct stmt *stmt, struct output_ctx *octx)
break;
}
- if (stmt->nat.ipportmap)
+ if (stmt->nat.type_flags & STMT_NAT_F_CONCAT)
nft_print(octx, " addr . port");
else if (stmt->nat.type_flags & STMT_NAT_F_PREFIX)
nft_print(octx, " prefix");