From 82762ab6f261226030debd5ffe4e22d987ebdb7b Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Mon, 28 Mar 2022 17:36:40 +0200
Subject: src: allow to use integer type header fields via typeof set
 declaration

Header fields such as udp length cannot be used in concatenations because
it is using the generic integer_type:

 test.nft:3:10-19: Error: can not use variable sized data types (integer) in concat expressions
                typeof udp length . @th,32,32
                       ^^^^^^^^^^~~~~~~~~~~~~

This patch slightly extends ("src: allow to use typeof of raw expressions in
set declaration") to set on NFTNL_UDATA_SET_KEY_PAYLOAD_LEN in userdata if
TYPE_INTEGER is used.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 .../testcases/maps/dumps/typeof_integer_0.nft      | 20 ++++++++++++++++
 tests/shell/testcases/maps/typeof_integer_0        | 27 ++++++++++++++++++++++
 2 files changed, 47 insertions(+)
 create mode 100644 tests/shell/testcases/maps/dumps/typeof_integer_0.nft
 create mode 100755 tests/shell/testcases/maps/typeof_integer_0

(limited to 'tests/shell/testcases/maps')

diff --git a/tests/shell/testcases/maps/dumps/typeof_integer_0.nft b/tests/shell/testcases/maps/dumps/typeof_integer_0.nft
new file mode 100644
index 00000000..33041557
--- /dev/null
+++ b/tests/shell/testcases/maps/dumps/typeof_integer_0.nft
@@ -0,0 +1,20 @@
+table inet t {
+	map m1 {
+		typeof udp length . @ih,32,32 : verdict
+		flags interval
+		elements = { 20-80 . 0x14 : accept,
+			     1-10 . 0xa : drop }
+	}
+
+	map m2 {
+		typeof udp length . @ih,32,32 : verdict
+		elements = { 30 . 0x1e : drop,
+			     20 . 0x24 : accept }
+	}
+
+	chain c {
+		udp length . @ih,32,32 vmap @m1
+		udp length . @ih,32,32 vmap @m2
+		udp length . @th,160,128 vmap { 47-63 . 0xe373135363130333131303735353203 : accept }
+	}
+}
diff --git a/tests/shell/testcases/maps/typeof_integer_0 b/tests/shell/testcases/maps/typeof_integer_0
new file mode 100755
index 00000000..d51510af
--- /dev/null
+++ b/tests/shell/testcases/maps/typeof_integer_0
@@ -0,0 +1,27 @@
+#!/bin/bash
+
+EXPECTED="table inet t {
+	map m1 {
+		typeof udp length . @ih,32,32 : verdict
+		flags interval
+		elements = { 20-80 . 0x14 : accept, 1-10 . 0xa : drop }
+	}
+
+	map m2 {
+		typeof udp length . @ih,32,32 : verdict
+		elements = { 20 . 0x24 : accept, 30 . 0x1e : drop }
+	}
+
+	chain c {
+		udp length . @ih,32,32 vmap @m1
+		udp length . @ih,32,32 vmap @m2
+		udp length . @th,160,128 vmap { 47-63 . 0xe373135363130333131303735353203 : accept }
+	}
+}"
+
+$NFT add element inet t m1 { 90-100 . 40 : drop }
+$NFT delete element inet t m2 { 20 . 20 : accept }
+
+set -e
+$NFT -f - <<< $EXPECTED
+
-- 
cgit v1.2.3