[Bug] Reverse translation skips "leading" meta protocol match

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

Please see the following for details:

# nft --debug=netlink list table bridge meh
bridge meh hmm 2
  [ meta load l4proto => reg 1 ]
  [ cmp eq reg 1 0x00000011 ]
  [ payload load 2b @ transport header + 2 => reg 1 ]
  [ cmp eq reg 1 0x00004300 ]
  [ immediate reg 0 accept ]

bridge meh hmm 3 2
  [ meta load protocol => reg 1 ]
  [ cmp eq reg 1 0x00000008 ]
  [ meta load l4proto => reg 1 ]
  [ cmp eq reg 1 0x00000011 ]
  [ payload load 2b @ transport header + 2 => reg 1 ]
  [ cmp eq reg 1 0x00004300 ]
  [ immediate reg 0 accept ]

bridge meh hmm 4 3
  [ meta load l4proto => reg 1 ]
  [ cmp eq reg 1 0x00000011 ]
  [ payload load 2b @ transport header + 2 => reg 1 ]
  [ cmp eq reg 1 0x00004300 ]
  [ meta load protocol => reg 1 ]
  [ cmp eq reg 1 0x00000008 ]
  [ immediate reg 0 accept ]

table bridge meh {
    chain hmm {
        udp dport 67 accept
        udp dport 67 accept
        udp dport 67 meta protocol ip accept
    }
}

Regards,
Tom



[Index of Archives]     [Netfitler Users]     [Berkeley Packet Filter]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux