[Bug 1226] Segmentation fault when printing a rule checking byte zero of NFT_PAYLOAD_LL_HEADER
bugzilla-daemon at netfilter.org
bugzilla-daemon at netfilter.org
Thu Feb 15 15:31:16 CET 2018
https://bugzilla.netfilter.org/show_bug.cgi?id=1226
Florian Westphal <fw at strlen.de> changed:
What |Removed |Added
----------------------------------------------------------------------------
Assignee|pablo at netfilter.org |fw at strlen.de
CC| |fw at strlen.de
Status|NEW |ASSIGNED
--- Comment #1 from Florian Westphal <fw at strlen.de> ---
I'll send a fix asap, thanks for reporting.
The rule inserted is this:
inet my_table my_chain 2
[ payload load 6b @ link header + 0 => reg 1 ]
[ cmp eq reg 1 0x00000000 0x00000000 ]
nft add rule .. ether daddr 0 generates this:
[ meta load iiftype => reg 1 ];needed so we only test ethernet frames
[ cmp eq reg 1 0x00000001 ]
[ payload load 6b @ link header + 0 => reg 1 ]
[ cmp eq reg 1 0x00000000 0x00000000 ]
When decoding, nft uses proto_inet to find the header layout to decode,
which is not correct.
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20180215/694acc8c/attachment.html>
More information about the netfilter-buglog
mailing list