Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote: > Unsupported meta match on layer 4 protocol sets on protocol context to > proto_unknown, handle anything coming after it as a raw expression in > payload_expr_expand(). > > Moreover, payload_dependency_kill() skips dependency removal if protocol > is unknown, so raw payload expression leaves meta layer 4 protocol > remains in place. > > Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1641 > Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> > --- > src/payload.c | 6 ++++-- > tests/py/any/rawpayload.t | 2 ++ > tests/py/any/rawpayload.t.json | 31 +++++++++++++++++++++++++++++++ > tests/py/any/rawpayload.t.payload | 8 ++++++++ LGTM, thanks for including testcases!
