... because it doesn't work, we attempt to merge it into wrong
place, we would have to merge the second value at a specific location.
F.e. vlan hdr 4094 gives us
0xfe0f
Merging in the CFI should yield 0xfe1f, but the constant merging
doesn't know how to achive that; at the moment 'vlan id 4094'
and 'vlan id 4094 vlan cfi 1' give same result -- 0xfe0f.
For now just turn off the optimization step unless everything is
byte divisible (the common case).
Signed-off-by: Florian Westphal <fw@xxxxxxxxx>
---
src/payload.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/payload.c b/src/payload.c
index bd574ee..372dcec 100644
--- a/src/payload.c
+++ b/src/payload.c
@@ -357,6 +357,10 @@ raw:
*/
bool payload_is_adjacent(const struct expr *e1, const struct expr *e2)
{
+ if (e1->payload.offset % BITS_PER_BYTE || e1->len % BITS_PER_BYTE ||
+ e2->payload.offset % BITS_PER_BYTE || e2->len % BITS_PER_BYTE)
+ return false;
+
if (e1->payload.base == e2->payload.base &&
e1->payload.offset + e1->len == e2->payload.offset)
return true;
--
2.0.5
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
