[Bug 1775] RAW PAYLOAD EXPRESSION offset is limited to 2048

Thu Sep 26 12:38:44 CEST 2024

https://bugzilla.netfilter.org/show_bug.cgi?id=1775

Phil Sutter <phil at nwl.cc> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Severity|critical                    |enhancement
                 CC|                            |phil at nwl.cc
          Component|nft                         |kernel
            Version|1.0.x                       |unspecified

--- Comment #1 from Phil Sutter <phil at nwl.cc> ---
Yes, this is a limitation of payload expression in kernel. Max offset and
length are 255 bytes, limited by struct nft_payload field sizes. It is like
this since day 1, I suppose the rationale was that headers usually fit into the
first 256 bytes of a packet. What's your use-case?

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20240926/c9718485/attachment.html>