[PATCH nft 0/2] fix host-endian constant values in set lookup keys

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


commit b422b07ab2f96436001f33dfdfd937238033c799
("src: permit use of constant values in set lookup keys") allows to do
something like this:

set s { type ipv4_addr . ipv4_addr . inet_service .. } something
add rule ip saddr . . 80 @s goto c1

However, it turns out that this only works if the constant(s)
( and 80) have BYTEORDER_BIG_ENDIAN type.

Combining a fixed value with a key portion of HOST type results in
a crash (assertion).

First patch is a refactor, second patch adds needed byteorder
conversions to deal with this problem.

Florian Westphal (2):
  netlink_delinearize: move concat and value postprocessing to helpers
  evaluate: permit use of host-endian constant values in set lookup keys

 src/evaluate.c                                | 65 +++++++------
 src/netlink_delinearize.c                     | 97 ++++++++++++-------
 .../packetpath/dumps/set_lookups.nft          | 51 ++++++++++
 tests/shell/testcases/packetpath/set_lookups  | 64 ++++++++++++
 .../sets/dumps/typeof_sets_concat.nft         | 11 +++
 5 files changed, 221 insertions(+), 67 deletions(-)
 create mode 100644 tests/shell/testcases/packetpath/dumps/set_lookups.nft
 create mode 100755 tests/shell/testcases/packetpath/set_lookups


[Index of Archives]     [Netfitler Users]     [Berkeley Packet Filter]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux