* [PATCH nftables] Allow concatenation of rt nexthop etc.
@ 2016-10-29 9:49 Anders K. Pedersen | Cohaesio
2016-10-31 14:08 ` Pablo Neira Ayuso
0 siblings, 1 reply; 2+ messages in thread
From: Anders K. Pedersen | Cohaesio @ 2016-10-29 9:49 UTC (permalink / raw)
To: netfilter-devel@vger.kernel.org
From: Anders K. Pedersen <akp@cohaesio.com>
Concatenations of rt nexthop or ct {orignal | reply} {saddr | daddr} fail
due to
# nft add rule ip filter postrouting flow table acct \{ ip saddr . rt nexthop counter \}
<cmdline>:1:61-70: Error: can not use variable sized data types (invalid) in concat expressions
add rule ip filter postrouting flow table acct { ip saddr . rt nexthop counter }
~~~~~~~~~~~^^^^^^^^^^
Fix this by reordering the check for variable size data types in
expr_evaluate_concat() to happen after expr_evaluate() has been called (via
list_member_evaluate()) for the sub expression. This allows
expr_evaluate_[cr]t() to call [cr]t_expr_update_type() and set the data type
before the check.
Signed-off-by: Anders K. Pedersen <akp@cohaesio.com>
---
src/evaluate.c | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/src/evaluate.c b/src/evaluate.c
index 79add5e..878efac 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -987,13 +987,6 @@ static int expr_evaluate_concat(struct eval_ctx *ctx, struct expr **expr)
"expecting %s",
dtype->desc);
- if (dtype == NULL && i->dtype->size == 0)
- return expr_binary_error(ctx->msgs, i, *expr,
- "can not use variable sized "
- "data types (%s) in concat "
- "expressions",
- i->dtype->name);
-
if (dtype == NULL)
tmp = datatype_lookup(TYPE_INVALID);
else
@@ -1004,6 +997,13 @@ static int expr_evaluate_concat(struct eval_ctx *ctx, struct expr **expr)
return -1;
flags &= i->flags;
+ if (dtype == NULL && i->dtype->size == 0)
+ return expr_binary_error(ctx->msgs, i, *expr,
+ "can not use variable sized "
+ "data types (%s) in concat "
+ "expressions",
+ i->dtype->name);
+
ntype = concat_subtype_add(ntype, i->dtype->type);
}
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH nftables] Allow concatenation of rt nexthop etc.
2016-10-29 9:49 [PATCH nftables] Allow concatenation of rt nexthop etc Anders K. Pedersen | Cohaesio
@ 2016-10-31 14:08 ` Pablo Neira Ayuso
0 siblings, 0 replies; 2+ messages in thread
From: Pablo Neira Ayuso @ 2016-10-31 14:08 UTC (permalink / raw)
To: Anders K. Pedersen | Cohaesio; +Cc: netfilter-devel@vger.kernel.org
On Sat, Oct 29, 2016 at 09:49:09AM +0000, Anders K. Pedersen | Cohaesio wrote:
> From: Anders K. Pedersen <akp@cohaesio.com>
>
> Concatenations of rt nexthop or ct {orignal | reply} {saddr | daddr} fail
> due to
>
> # nft add rule ip filter postrouting flow table acct \{ ip saddr . rt nexthop counter \}
> <cmdline>:1:61-70: Error: can not use variable sized data types (invalid) in concat expressions
> add rule ip filter postrouting flow table acct { ip saddr . rt nexthop counter }
> ~~~~~~~~~~~^^^^^^^^^^
>
> Fix this by reordering the check for variable size data types in
> expr_evaluate_concat() to happen after expr_evaluate() has been called (via
> list_member_evaluate()) for the sub expression. This allows
> expr_evaluate_[cr]t() to call [cr]t_expr_update_type() and set the data type
> before the check.
Applied, thanks Anders.
P.S: I can see git am sometimes complain about trailing CRLF, also
patchwork seems to skip some of your patches for some reason, which
makes it easier for us to lose stuff from you. I guess it's probably
MUA related problem, it would be great if you find the root cause.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2016-10-31 14:08 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-10-29 9:49 [PATCH nftables] Allow concatenation of rt nexthop etc Anders K. Pedersen | Cohaesio
2016-10-31 14:08 ` Pablo Neira Ayuso
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).