[nftables] ct: resync netlink header and properly add ct l3protocol support
Patrick McHardy
netfilter-cvslog-bounces at lists.netfilter.org
Wed Apr 1 07:43:05 CEST 2009
Gitweb: http://git.netfilter.org/cgi-bin/gitweb.cgi?p=nftables.git;a=commit;h=3fb11ad7718f28949c73e5f5c01a6548fb86125b
commit 3fb11ad7718f28949c73e5f5c01a6548fb86125b
Author: Patrick McHardy <kaber at trash.net>
AuthorDate: Tue Mar 31 04:07:24 2009 +0200
Commit: Patrick McHardy <kaber at trash.net>
CommitDate: Tue Mar 31 04:07:24 2009 +0200
ct: resync netlink header and properly add ct l3protocol support
Signed-off-by: Patrick McHardy <kaber at trash.net>
via 3fb11ad7718f28949c73e5f5c01a6548fb86125b (commit)
from 14ea655e60c929429a2858545e411ced108ad995 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 3fb11ad7718f28949c73e5f5c01a6548fb86125b
Author: Patrick McHardy <kaber at trash.net>
Date: Tue Mar 31 04:07:24 2009 +0200
ct: resync netlink header and properly add ct l3protocol support
Signed-off-by: Patrick McHardy <kaber at trash.net>
-----------------------------------------------------------------------
include/linux/netfilter/nf_tables.h | 7 ++++---
src/ct.c | 6 +++---
src/parser.y | 6 ++++--
src/scanner.l | 1 +
4 files changed, 12 insertions(+), 8 deletions(-)
Signed-off-by: Patrick McHardy <kaber at trash.net>
diff --git a/include/linux/netfilter/nf_tables.h b/include/linux/netfilter/nf_tables.h
index b4d518e..0309b9d 100644
--- a/include/linux/netfilter/nf_tables.h
+++ b/include/linux/netfilter/nf_tables.h
@@ -174,6 +174,7 @@ enum nft_set_attributes {
NFTA_SET_SREG,
NFTA_SET_DREG,
NFTA_SET_KLEN,
+ NFTA_SET_DLEN,
NFTA_SET_ELEMENTS,
__NFTA_SET_MAX
};
@@ -262,9 +263,9 @@ enum nft_ct_keys {
NFT_CT_SECMARK,
NFT_CT_EXPIRATION,
NFT_CT_HELPER,
- NFT_CT_L3PROTO,
- NFT_CT_SADDR,
- NFT_CT_DADDR,
+ NFT_CT_L3PROTOCOL,
+ NFT_CT_SRC,
+ NFT_CT_DST,
NFT_CT_PROTOCOL,
NFT_CT_PROTO_SRC,
NFT_CT_PROTO_DST,
diff --git a/src/ct.c b/src/ct.c
index 43dd987..ea97d6a 100644
--- a/src/ct.c
+++ b/src/ct.c
@@ -108,12 +108,12 @@ static const struct ct_template ct_templates[] = {
4 * BITS_PER_BYTE),
[NFT_CT_HELPER] = CT_TEMPLATE("helper", &string_type,
BYTEORDER_INVALID, 0),
- [NFT_CT_L3PROTO] = CT_TEMPLATE("l3proto", &invalid_type,
+ [NFT_CT_L3PROTOCOL] = CT_TEMPLATE("l3proto", &invalid_type,
BYTEORDER_INVALID,
BITS_PER_BYTE),
- [NFT_CT_SADDR] = CT_TEMPLATE("saddr", &invalid_type,
+ [NFT_CT_SRC] = CT_TEMPLATE("saddr", &invalid_type,
BYTEORDER_BIG_ENDIAN, 0),
- [NFT_CT_DADDR] = CT_TEMPLATE("daddr", &invalid_type,
+ [NFT_CT_DST] = CT_TEMPLATE("daddr", &invalid_type,
BYTEORDER_BIG_ENDIAN, 0),
[NFT_CT_PROTOCOL] = CT_TEMPLATE("protocol", &inet_protocol_type,
BYTEORDER_BIG_ENDIAN,
diff --git a/src/parser.y b/src/parser.y
index 90f9052..c63a14e 100644
--- a/src/parser.y
+++ b/src/parser.y
@@ -287,6 +287,7 @@ static void location_update(struct location *loc, struct location *rhs, int n)
%token STATUS "status"
%token EXPIRATION "expiration"
%token HELPER "helper"
+%token L3PROTOCOL "l3proto"
%token PROTO_SRC "proto-src"
%token PROTO_DST "proto-dst"
@@ -1133,9 +1134,10 @@ ct_key : STATE { $$ = NFT_CT_STATE; }
| SECMARK { $$ = NFT_CT_SECMARK; }
| EXPIRATION { $$ = NFT_CT_EXPIRATION; }
| HELPER { $$ = NFT_CT_HELPER; }
+ | L3PROTOCOL { $$ = NFT_CT_L3PROTOCOL; }
+ | SADDR { $$ = NFT_CT_SRC; }
+ | DADDR { $$ = NFT_CT_DST; }
| PROTOCOL { $$ = NFT_CT_PROTOCOL; }
- | SADDR { $$ = NFT_CT_SADDR; }
- | DADDR { $$ = NFT_CT_DADDR; }
| PROTO_SRC { $$ = NFT_CT_PROTO_SRC; }
| PROTO_DST { $$ = NFT_CT_PROTO_DST; }
;
diff --git a/src/scanner.l b/src/scanner.l
index 7fc01f7..f8d018b 100644
--- a/src/scanner.l
+++ b/src/scanner.l
@@ -375,6 +375,7 @@ addrstring ({macaddr}|{ip4addr}|{ip6addr})
"status" { return STATUS; }
"expiration" { return EXPIRATION; }
"helper" { return HELPER; }
+"l3proto" { return L3PROTOCOL; }
"proto-src" { return PROTO_SRC; }
"proto-dst" { return PROTO_DST; }
More information about the netfilter-cvslog
mailing list