diff options
author | Patrick McHardy <kaber@trash.net> | 2014-01-03 12:16:18 +0000 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-01-07 23:57:31 +0100 |
commit | 4566bf27069b7780e453cffb24ea5f5323059885 (patch) | |
tree | 216307284d8588c3a1250dc01c956f4b40b9809c /net/netfilter | |
parent | 124edfa9e0451e97d621cd2796a44ff499e21036 (diff) |
netfilter: nft_meta: add l4proto support
For L3-proto independant rules we need to get at the L4 protocol value
directly. Add it to the nft_pktinfo struct and use the meta expression
to retrieve it.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter')
-rw-r--r-- | net/netfilter/nft_meta.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/net/netfilter/nft_meta.c b/net/netfilter/nft_meta.c index 999d0468843..b43975a4330 100644 --- a/net/netfilter/nft_meta.c +++ b/net/netfilter/nft_meta.c @@ -46,6 +46,9 @@ static void nft_meta_get_eval(const struct nft_expr *expr, case NFT_META_NFPROTO: dest->data[0] = pkt->ops->pf; break; + case NFT_META_L4PROTO: + dest->data[0] = pkt->tprot; + break; case NFT_META_PRIORITY: dest->data[0] = skb->priority; break; @@ -185,6 +188,7 @@ static int nft_meta_init_validate_get(uint32_t key) case NFT_META_LEN: case NFT_META_PROTOCOL: case NFT_META_NFPROTO: + case NFT_META_L4PROTO: case NFT_META_PRIORITY: case NFT_META_MARK: case NFT_META_IIF: |