4566bf2706
For L3-proto independant rules we need to get at the L4 protocol value directly. Add it to the nft_pktinfo struct and use the meta expression to retrieve it. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
27 lines
574 B
C
27 lines
574 B
C
#ifndef _NF_TABLES_IPV4_H_
|
|
#define _NF_TABLES_IPV4_H_
|
|
|
|
#include <net/netfilter/nf_tables.h>
|
|
#include <net/ip.h>
|
|
|
|
static inline void
|
|
nft_set_pktinfo_ipv4(struct nft_pktinfo *pkt,
|
|
const struct nf_hook_ops *ops,
|
|
struct sk_buff *skb,
|
|
const struct net_device *in,
|
|
const struct net_device *out)
|
|
{
|
|
struct iphdr *ip;
|
|
|
|
nft_set_pktinfo(pkt, ops, skb, in, out);
|
|
|
|
ip = ip_hdr(pkt->skb);
|
|
pkt->tprot = ip->protocol;
|
|
pkt->xt.thoff = ip_hdrlen(pkt->skb);
|
|
pkt->xt.fragoff = ntohs(ip->frag_off) & IP_OFFSET;
|
|
}
|
|
|
|
extern struct nft_af_info nft_af_ipv4;
|
|
|
|
#endif
|