Since proto_th carries no information about the proto number, we need to
preserve the L4 protocol expression.
For example, if "meta l4proto 91 @th,0,16 0" is simplified to
"th sport 0", the information of protocol number is lost. This patch
changes it to "meta l4proto 91 th sport 0".
Signed-off-by: Xiao Liang <shaw.leon@xxxxxxxxx>
---
Technically, if port is not defined for the L4 protocol, it's better to
keep "@th,0,16" as raw payload expressions rather than "th sport". But
it's not easy to figure out the context.
---
src/payload.c | 1 +
tests/py/any/rawpayload.t | 1 +
tests/py/any/rawpayload.t.json | 31 +++++++++++++++++++++++++++++++
tests/py/any/rawpayload.t.payload | 8 ++++++++
4 files changed, 41 insertions(+)
diff --git a/src/payload.c b/src/payload.c
index f8b192b5..a039e242 100644
--- a/src/payload.c
+++ b/src/payload.c
@@ -920,6 +920,7 @@ void payload_dependency_kill(struct payload_dep_ctx *ctx, struct expr *expr,
unsigned int family)
{
if (expr->payload.desc != &proto_unknown &&
+ expr->payload.desc != &proto_th &&
payload_dependency_exists(ctx, expr->payload.base) &&
payload_may_dependency_kill(ctx, family, expr))
payload_dependency_release(ctx, expr->payload.base);
diff --git a/tests/py/any/rawpayload.t b/tests/py/any/rawpayload.t
index 745b4a61..4ef53f82 100644
--- a/tests/py/any/rawpayload.t
+++ b/tests/py/any/rawpayload.t
@@ -21,6 +21,7 @@ meta l4proto tcp @th,16,16 { 22, 23, 80};ok;tcp dport { 22, 23, 80}
@ll,0,128 0xfedcba987654321001234567890abcde;ok
meta l4proto 91 @th,400,16 0x0 accept;ok
+meta l4proto 91 @th,0,16 0x0 accept;ok;meta l4proto 91 th sport 0 accept
@ih,32,32 0x14000000;ok
@ih,58,6 set 0 @ih,86,6 set 0 @ih,170,22 set 0;ok;@ih,58,6 set 0x0 @ih,86,6 set 0x0 @ih,170,22 set 0x0
diff --git a/tests/py/any/rawpayload.t.json b/tests/py/any/rawpayload.t.json
index 4a06c598..2d3c7904 100644
--- a/tests/py/any/rawpayload.t.json
+++ b/tests/py/any/rawpayload.t.json
@@ -187,6 +187,37 @@
}
]
+# meta l4proto 91 @th,0,16 0x0 accept
+[
+ {
+ "match": {
+ "left": {
+ "meta": {
+ "key": "l4proto"
+ }
+ },
+ "op": "==",
+ "right": 91
+ }
+ },
+ {
+ "match": {
+ "left": {
+ "payload": {
+ "field": "sport",
+ "protocol": "th"
+ }
+ },
+ "op": "==",
+ "right": 0
+ }
+ },
+ {
+ "accept": null
+ }
+]
+
+
# @ih,32,32 0x14000000
[
{
diff --git a/tests/py/any/rawpayload.t.payload b/tests/py/any/rawpayload.t.payload
index 8984eef6..c093d5d8 100644
--- a/tests/py/any/rawpayload.t.payload
+++ b/tests/py/any/rawpayload.t.payload
@@ -56,6 +56,14 @@ inet test-inet input
[ cmp eq reg 1 0x00000000 ]
[ immediate reg 0 accept ]
+# meta l4proto 91 @th,0,16 0x0 accept
+inet test-inet input
+ [ meta load l4proto => reg 1 ]
+ [ cmp eq reg 1 0x0000005b ]
+ [ payload load 2b @ transport header + 0 => reg 1 ]
+ [ cmp eq reg 1 0x00000000 ]
+ [ immediate reg 0 accept ]
+
# @ih,32,32 0x14000000
inet test-inet input
[ payload load 4b @ inner header + 4 => reg 1 ]
--
2.48.1
