* [PATCH iptables] nft-shared: set correc register value
@ 2021-12-18 20:14 Florian Westphal
2021-12-22 23:52 ` Pablo Neira Ayuso
0 siblings, 1 reply; 2+ messages in thread
From: Florian Westphal @ 2021-12-18 20:14 UTC (permalink / raw)
To: netfilter-devel; +Cc: Florian Westphal
reg is populated based off the payload base:
NFTNL_EXPR_META_KEY = NFTNL_EXPR_BASE,
NFTNL_EXPR_META_DREG,
NFTNL_EXPR_PAYLOAD_DREG = NFTNL_EXPR_BASE,
Fix this. It worked because the simple nft rules
currently generated via ipables-nft have
base == register-number but this is a coincidence.
Signed-off-by: Florian Westphal <fw@strlen.de>
---
iptables/nft-shared.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/iptables/nft-shared.c b/iptables/nft-shared.c
index b281ba2987cc..4394e8b7c4e8 100644
--- a/iptables/nft-shared.c
+++ b/iptables/nft-shared.c
@@ -443,7 +443,7 @@ static void nft_parse_payload(struct nft_xt_ctx *ctx, struct nftnl_expr *e)
ctx->flags |= NFT_XT_CTX_PREV_PAYLOAD;
}
- ctx->reg = nftnl_expr_get_u32(e, NFTNL_EXPR_META_DREG);
+ ctx->reg = nftnl_expr_get_u32(e, NFTNL_EXPR_PAYLOAD_DREG);
ctx->payload.base = nftnl_expr_get_u32(e, NFTNL_EXPR_PAYLOAD_BASE);
ctx->payload.offset = nftnl_expr_get_u32(e, NFTNL_EXPR_PAYLOAD_OFFSET);
ctx->payload.len = nftnl_expr_get_u32(e, NFTNL_EXPR_PAYLOAD_LEN);
--
2.33.1
^ permalink raw reply related [flat|nested] 2+ messages in thread
end of thread, other threads:[~2021-12-22 23:52 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2021-12-18 20:14 [PATCH iptables] nft-shared: set correc register value Florian Westphal
2021-12-22 23:52 ` Pablo Neira Ayuso
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).