netfilter_nft/nftnlrdr_misc.c: comments and warning in parse_rule_payload()
This commit is contained in:
parent
424f5c259f
commit
4c68985304
|
@ -359,15 +359,25 @@ parse_rule_payload(struct nftnl_expr *e, rule_t *r)
|
||||||
} else if (offset == offsetof(struct ipv6hdr, saddr) &&
|
} else if (offset == offsetof(struct ipv6hdr, saddr) &&
|
||||||
len == sizeof(struct in6_addr) * 2) {
|
len == sizeof(struct in6_addr) * 2) {
|
||||||
*regptr = RULE_REG_IP6_SD_ADDR;
|
*regptr = RULE_REG_IP6_SD_ADDR;
|
||||||
|
} else {
|
||||||
|
syslog(LOG_WARNING,
|
||||||
|
"%s: Unsupported payload: (dreg:%u, base:NETWORK_HEADER, offset:%u, len:%u)",
|
||||||
|
"parse_rule_payload", dreg, offset, len);
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case NFT_PAYLOAD_TRANSPORT_HEADER:
|
case NFT_PAYLOAD_TRANSPORT_HEADER:
|
||||||
|
/* in both UDP and TCP headers, source port is at offset 0,
|
||||||
|
* destination port at offset 2 */
|
||||||
if (offset == offsetof(struct tcphdr, dest) &&
|
if (offset == offsetof(struct tcphdr, dest) &&
|
||||||
len == sizeof(uint16_t)) {
|
len == sizeof(uint16_t)) {
|
||||||
*regptr = RULE_REG_TCP_DPORT;
|
*regptr = RULE_REG_TCP_DPORT;
|
||||||
} else if (offset == offsetof(struct tcphdr, source) &&
|
} else if (offset == offsetof(struct tcphdr, source) &&
|
||||||
len == sizeof(uint16_t) * 2) {
|
len == sizeof(uint16_t) * 2) {
|
||||||
*regptr = RULE_REG_TCP_SD_PORT;
|
*regptr = RULE_REG_TCP_SD_PORT;
|
||||||
|
} else {
|
||||||
|
syslog(LOG_WARNING,
|
||||||
|
"%s: Unsupported payload: (dreg:%u, base:TRANSPORT_HEADER, offset:%u, len:%u)",
|
||||||
|
"parse_rule_payload", dreg, offset, len);
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
|
|
Loading…
Reference in New Issue