summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--include/linux/netfilter/nf_tables.h7
-rw-r--r--src/ct.c6
-rw-r--r--src/parser.y6
-rw-r--r--src/scanner.l1
4 files changed, 12 insertions, 8 deletions
diff --git a/include/linux/netfilter/nf_tables.h b/include/linux/netfilter/nf_tables.h
index b4d518e3..0309b9dc 100644
--- a/include/linux/netfilter/nf_tables.h
+++ b/include/linux/netfilter/nf_tables.h
@@ -174,6 +174,7 @@ enum nft_set_attributes {
NFTA_SET_SREG,
NFTA_SET_DREG,
NFTA_SET_KLEN,
+ NFTA_SET_DLEN,
NFTA_SET_ELEMENTS,
__NFTA_SET_MAX
};
@@ -262,9 +263,9 @@ enum nft_ct_keys {
NFT_CT_SECMARK,
NFT_CT_EXPIRATION,
NFT_CT_HELPER,
- NFT_CT_L3PROTO,
- NFT_CT_SADDR,
- NFT_CT_DADDR,
+ NFT_CT_L3PROTOCOL,
+ NFT_CT_SRC,
+ NFT_CT_DST,
NFT_CT_PROTOCOL,
NFT_CT_PROTO_SRC,
NFT_CT_PROTO_DST,
diff --git a/src/ct.c b/src/ct.c
index 43dd9878..ea97d6ad 100644
--- a/src/ct.c
+++ b/src/ct.c
@@ -108,12 +108,12 @@ static const struct ct_template ct_templates[] = {
4 * BITS_PER_BYTE),
[NFT_CT_HELPER] = CT_TEMPLATE("helper", &string_type,
BYTEORDER_INVALID, 0),
- [NFT_CT_L3PROTO] = CT_TEMPLATE("l3proto", &invalid_type,
+ [NFT_CT_L3PROTOCOL] = CT_TEMPLATE("l3proto", &invalid_type,
BYTEORDER_INVALID,
BITS_PER_BYTE),
- [NFT_CT_SADDR] = CT_TEMPLATE("saddr", &invalid_type,
+ [NFT_CT_SRC] = CT_TEMPLATE("saddr", &invalid_type,
BYTEORDER_BIG_ENDIAN, 0),
- [NFT_CT_DADDR] = CT_TEMPLATE("daddr", &invalid_type,
+ [NFT_CT_DST] = CT_TEMPLATE("daddr", &invalid_type,
BYTEORDER_BIG_ENDIAN, 0),
[NFT_CT_PROTOCOL] = CT_TEMPLATE("protocol", &inet_protocol_type,
BYTEORDER_BIG_ENDIAN,
diff --git a/src/parser.y b/src/parser.y
index 90f9052e..c63a14e0 100644
--- a/src/parser.y
+++ b/src/parser.y
@@ -287,6 +287,7 @@ static void location_update(struct location *loc, struct location *rhs, int n)
%token STATUS "status"
%token EXPIRATION "expiration"
%token HELPER "helper"
+%token L3PROTOCOL "l3proto"
%token PROTO_SRC "proto-src"
%token PROTO_DST "proto-dst"
@@ -1133,9 +1134,10 @@ ct_key : STATE { $$ = NFT_CT_STATE; }
| SECMARK { $$ = NFT_CT_SECMARK; }
| EXPIRATION { $$ = NFT_CT_EXPIRATION; }
| HELPER { $$ = NFT_CT_HELPER; }
+ | L3PROTOCOL { $$ = NFT_CT_L3PROTOCOL; }
+ | SADDR { $$ = NFT_CT_SRC; }
+ | DADDR { $$ = NFT_CT_DST; }
| PROTOCOL { $$ = NFT_CT_PROTOCOL; }
- | SADDR { $$ = NFT_CT_SADDR; }
- | DADDR { $$ = NFT_CT_DADDR; }
| PROTO_SRC { $$ = NFT_CT_PROTO_SRC; }
| PROTO_DST { $$ = NFT_CT_PROTO_DST; }
;
diff --git a/src/scanner.l b/src/scanner.l
index 7fc01f77..f8d018bb 100644
--- a/src/scanner.l
+++ b/src/scanner.l
@@ -375,6 +375,7 @@ addrstring ({macaddr}|{ip4addr}|{ip6addr})
"status" { return STATUS; }
"expiration" { return EXPIRATION; }
"helper" { return HELPER; }
+"l3proto" { return L3PROTOCOL; }
"proto-src" { return PROTO_SRC; }
"proto-dst" { return PROTO_DST; }