[nftables] ct: resync netlink header and properly add ct l3protocol support

Patrick McHardy netfilter-cvslog-bounces at lists.netfilter.org
Wed Apr 1 07:43:05 CEST 2009


Gitweb:		http://git.netfilter.org/cgi-bin/gitweb.cgi?p=nftables.git;a=commit;h=3fb11ad7718f28949c73e5f5c01a6548fb86125b
commit 3fb11ad7718f28949c73e5f5c01a6548fb86125b
Author:     Patrick McHardy <kaber at trash.net>
AuthorDate: Tue Mar 31 04:07:24 2009 +0200
Commit:     Patrick McHardy <kaber at trash.net>
CommitDate: Tue Mar 31 04:07:24 2009 +0200

    ct: resync netlink header and properly add ct l3protocol support
    
    Signed-off-by: Patrick McHardy <kaber at trash.net>
       via  3fb11ad7718f28949c73e5f5c01a6548fb86125b (commit)
      from  14ea655e60c929429a2858545e411ced108ad995 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 3fb11ad7718f28949c73e5f5c01a6548fb86125b
Author: Patrick McHardy <kaber at trash.net>
Date:   Tue Mar 31 04:07:24 2009 +0200

    ct: resync netlink header and properly add ct l3protocol support
    
    Signed-off-by: Patrick McHardy <kaber at trash.net>

-----------------------------------------------------------------------

 include/linux/netfilter/nf_tables.h |    7 ++++---
 src/ct.c                            |    6 +++---
 src/parser.y                        |    6 ++++--
 src/scanner.l                       |    1 +
 4 files changed, 12 insertions(+), 8 deletions(-)
Signed-off-by: Patrick McHardy <kaber at trash.net>

diff --git a/include/linux/netfilter/nf_tables.h b/include/linux/netfilter/nf_tables.h
index b4d518e..0309b9d 100644
--- a/include/linux/netfilter/nf_tables.h
+++ b/include/linux/netfilter/nf_tables.h
@@ -174,6 +174,7 @@ enum nft_set_attributes {
 	NFTA_SET_SREG,
 	NFTA_SET_DREG,
 	NFTA_SET_KLEN,
+	NFTA_SET_DLEN,
 	NFTA_SET_ELEMENTS,
 	__NFTA_SET_MAX
 };
@@ -262,9 +263,9 @@ enum nft_ct_keys {
 	NFT_CT_SECMARK,
 	NFT_CT_EXPIRATION,
 	NFT_CT_HELPER,
-	NFT_CT_L3PROTO,
-	NFT_CT_SADDR,
-	NFT_CT_DADDR,
+	NFT_CT_L3PROTOCOL,
+	NFT_CT_SRC,
+	NFT_CT_DST,
 	NFT_CT_PROTOCOL,
 	NFT_CT_PROTO_SRC,
 	NFT_CT_PROTO_DST,
diff --git a/src/ct.c b/src/ct.c
index 43dd987..ea97d6a 100644
--- a/src/ct.c
+++ b/src/ct.c
@@ -108,12 +108,12 @@ static const struct ct_template ct_templates[] = {
 					      4 * BITS_PER_BYTE),
 	[NFT_CT_HELPER]		= CT_TEMPLATE("helper",	    &string_type,
 					      BYTEORDER_INVALID, 0),
-	[NFT_CT_L3PROTO]	= CT_TEMPLATE("l3proto",    &invalid_type,
+	[NFT_CT_L3PROTOCOL]	= CT_TEMPLATE("l3proto",    &invalid_type,
 					      BYTEORDER_INVALID,
 					      BITS_PER_BYTE),
-	[NFT_CT_SADDR]		= CT_TEMPLATE("saddr",	    &invalid_type,
+	[NFT_CT_SRC]		= CT_TEMPLATE("saddr",	    &invalid_type,
 					      BYTEORDER_BIG_ENDIAN, 0),
-	[NFT_CT_DADDR]		= CT_TEMPLATE("daddr",	    &invalid_type,
+	[NFT_CT_DST]		= CT_TEMPLATE("daddr",	    &invalid_type,
 					      BYTEORDER_BIG_ENDIAN, 0),
 	[NFT_CT_PROTOCOL]	= CT_TEMPLATE("protocol",   &inet_protocol_type,
 					      BYTEORDER_BIG_ENDIAN,
diff --git a/src/parser.y b/src/parser.y
index 90f9052..c63a14e 100644
--- a/src/parser.y
+++ b/src/parser.y
@@ -287,6 +287,7 @@ static void location_update(struct location *loc, struct location *rhs, int n)
 %token STATUS			"status"
 %token EXPIRATION		"expiration"
 %token HELPER			"helper"
+%token L3PROTOCOL		"l3proto"
 %token PROTO_SRC		"proto-src"
 %token PROTO_DST		"proto-dst"
 
@@ -1133,9 +1134,10 @@ ct_key			:	STATE		{ $$ = NFT_CT_STATE; }
 			|	SECMARK		{ $$ = NFT_CT_SECMARK; }
 			|	EXPIRATION	{ $$ = NFT_CT_EXPIRATION; }
 			|	HELPER		{ $$ = NFT_CT_HELPER; }
+			|	L3PROTOCOL	{ $$ = NFT_CT_L3PROTOCOL; }
+			|	SADDR		{ $$ = NFT_CT_SRC; }
+			|	DADDR		{ $$ = NFT_CT_DST; }
 			|	PROTOCOL	{ $$ = NFT_CT_PROTOCOL; }
-			|	SADDR		{ $$ = NFT_CT_SADDR; }
-			|	DADDR		{ $$ = NFT_CT_DADDR; }
 			|	PROTO_SRC	{ $$ = NFT_CT_PROTO_SRC; }
 			|	PROTO_DST	{ $$ = NFT_CT_PROTO_DST; }
 			;
diff --git a/src/scanner.l b/src/scanner.l
index 7fc01f7..f8d018b 100644
--- a/src/scanner.l
+++ b/src/scanner.l
@@ -375,6 +375,7 @@ addrstring	({macaddr}|{ip4addr}|{ip6addr})
 "status"		{ return STATUS; }
 "expiration"		{ return EXPIRATION; }
 "helper"		{ return HELPER; }
+"l3proto"		{ return L3PROTOCOL; }
 "proto-src"		{ return PROTO_SRC; }
 "proto-dst"		{ return PROTO_DST; }
 



More information about the netfilter-cvslog mailing list