summaryrefslogtreecommitdiffstats
path: root/include/expression.h
Commit message (Collapse)AuthorAgeFilesLines
* expr: add protocol context update callbackPatrick McHardy2014-01-081-0/+4
| | | | | | | | | | Add a callback function to the expression ops to update the protocol context for relational protocol expressions (EXPR_F_PROTOCOL). Also set the EXPR_F_PROTOCOL flag for IIFTYPE meta expressions to make sure the callback is invoked when necessary. Signed-off-by: Patrick McHardy <kaber@trash.net>
* nftables: generic procotol contextsPatrick McHardy2014-01-081-4/+4
| | | | | | | | | | | | | | | Currently the context of higher layer protocols is specific to payload expressions with some special cases for meta IIFTYPE expressions. This approach has a few shortcomings, concretely there are more expression types which define upper layer protocols like the ct expression and two upcoming new types for the meta expression. Replace the payload context by a generic protocol context to deal with this. This patch just splits off the requires parts from the payload expression without any functional changes, the following patches will add further functionality for other expressions. Signed-off-by: Patrick McHardy <kaber@trash.net>
* expr: replace PAYLOAD_PROTOCOL_EXPR by generic flagPatrick McHardy2014-01-081-2/+3
| | | | | | | Introduce a generic flag to indicate that an expression describes the upper layer protocol as replacement for the payload specific flag. Signed-off-by: Patrick McHardy <kaber@trash.net>
* expr: kill EXPR_F_PRIMARYPatrick McHardy2013-04-151-10/+3
| | | | | | Not used anymore, kill it. Signed-off-by: Patrick McHardy <kaber@trash.net>
* segtree: fix segtree to properly support mappingsPatrick McHardy2012-12-081-1/+1
| | | | | | | Requires to use proper types for keys and data and using the key values for reverse transformation. Signed-off-by: Patrick McHardy <kaber@trash.net>
* expression: Differentiate expr among anonymous structures in struct exprTomasz Bursztyka2012-08-031-2/+2
| | | | | | | This fixes compilation with gcc-4.7 Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* add support for new set API and standalone setsPatrick McHardy2009-07-281-2/+18
| | | | Signed-off-by: Patrick McHardy <kaber@trash.net>
* expressions: kill seperate sym_type datatype for symbolsPatrick McHardy2009-04-011-2/+1
| | | | Signed-off-by: Patrick McHardy <kaber@trash.net>
* expr: add support for cloning expressionsPatrick McHardy2009-03-201-0/+3
| | | | Signed-off-by: Patrick McHardy <kaber@trash.net>
* Add support for user-defined symbolic constantsPatrick McHardy2009-03-201-0/+2
| | | | | | | | | | | | | | | | | | User-defined constants can be used like this: define allowed_hosts = { 192.168.0.0/24, 10.0.0.20-10.0.0.30 } define udp_services = domain define tcp_services = { ssh, domain } ip saddr $allowed_hosts udp dport $udp_services counter accept ip saddr $allowed_hosts tcp dport $tcp_services counter accept Recursive definitions are possible, but currently not fully handled. Anything requiring transformations (sets using ranges) can not be used more than once currently since the expressions need to be COW'ed previously. Signed-off-by: Patrick McHardy <kaber@trash.net>
* Fix use of reserved names in header sandwichPatrick McHardy2009-03-181-3/+3
| | | | Signed-off-by: Patrick McHardy <kaber@trash.net>
* Initial commitv0.01-alpha1Patrick McHardy2009-03-181-0/+323