Commit Graph

44 Commits

Author SHA1 Message Date
Gustavo Iñiguez Goia 5a9391c12f
Added support for quota expression (#149) 2022-03-29 18:00:11 +02:00
turekt 211824995d
Log expression refactor (#147)
Fixes https://github.com/google/nftables/issues/113

Log expression implementation changed to better support different log options
Added uint16 support to the binaryutil package
Changed old log expression tests that were failing after change
Added a new test to check the implementation for multiple log options
2022-02-21 22:42:39 +01:00
pengyuan.dai 5573dab9cc
Add CtStateBit constants and related usage test #121 (#122)
fixes #121
2021-05-14 16:05:40 +02:00
Paul Greenberg c25e4f69b4
fix: unmarshaling verdicts with chain information (#106)
Before this commit: the unmarshaling of a verdict pointing
to a chain fails.

After this commit: the unmarshaling of a rule with a verdict
pointing to a chain succeeds and the information about the
chain gets put in `Verdict.Chain`.

Resolves: #105

Signed-off-by: Paul Greenberg <greenpau@outlook.com>
2020-08-02 19:55:06 +02:00
Grégoire Delattre 7127d9d224
Add support for rate limiting (#101) 2020-03-16 08:58:19 +01:00
Grégoire Delattre 21c5c5c425
Add missing VerdictKind (#99) 2020-03-06 11:32:18 +01:00
Serguei Bezverkhi 1c56a1906f Add Dynset expression and unit test (#97)
* Add dynset expression and unit test

Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
2020-02-10 11:14:20 +01:00
Alexis PIRES 9a6c96795b Stateless NAT and notrack support (#82) 2019-12-17 21:54:26 +01:00
Alexis PIRES e2e83d0ff5 Add dup expr support (#81) 2019-12-13 23:35:06 +01:00
Serguei Bezverkhi 9dee196925 Add expression and tests for numgen (#77)
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
2019-11-28 09:43:38 +01:00
Serguei Bezverkhi e0f4f3f8f8 Add bitwise decoder logic (#71) 2019-11-07 15:38:12 +01:00
Minaru 35de0a609f Hash expr implementation (#68)
* [expr] Implement Hash expr.

* [test] Add Hash test case.
2019-10-19 08:53:53 +02:00
Maxime Demode 71337b220c [expr] Add SourceRegister field and modify marshal function to work with it. 2019-10-15 18:31:07 +02:00
Maxime Demode 3c7d959797 [expr] Replace Key type in Ct struct by CtKey. 2019-10-15 18:02:12 +02:00
Maxime Demode 29d7aa173f [expr] Create CtKey type and add const values. 2019-10-15 18:01:31 +02:00
Serguei Bezverkhi 5d14089d2e Adding to nat expression additional parameters (#59)
* Change in dnat logic to cover all combinations

Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>

* Add parameter to cover all possible nat combinations

Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
2019-09-06 08:28:27 +02:00
Serguei Bezverkhi 4b2264477a lookup dest reg check fix (#57)
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
2019-08-31 09:36:20 +02:00
Serguei Bezverkhi 85a78b5285 Adding Fib expression and unit tests (#54) 2019-08-27 08:49:06 +02:00
Serguei Bezverkhi d514535a0c Reject expression and Unit tests (#53) 2019-08-26 09:57:52 +02:00
Serguei Bezverkhi ec0390b058 Extend Masq support and add unit testing (#52) 2019-08-25 23:43:47 +02:00
Serguei Bezverkhi 6925991d82 Meta SREG and DREG (#51)
* meta requires to use source and destination registers

Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
2019-08-19 23:36:36 +02:00
Serguei Bezverkhi 9907ca3831 Add log expression and test (#42)
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
2019-08-01 12:41:37 -07:00
Serguei Bezverkhi 7895e345f5 Add Connection tracking expression and test (#38)
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
2019-07-20 13:20:42 +02:00
Serguei Bezverkhi 7a68526274 tproxy expression support and test (#32)
Add support for tproxy expression

Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
2019-06-30 01:06:32 +02:00
Serguei Bezverkhi 8d26daf060 Implement range expression (#22)
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>

fixes #19
2019-06-05 13:15:05 +02:00
Michael Stapelberg 70f367a546 verdict: add Chain (+test)
related to #18
2019-05-24 02:56:43 +02:00
Michael Stapelberg c5bb71b2cf implement redir expression (+test)
fixes #17
2019-05-17 13:57:31 +02:00
Ryan Whelan 07c974e364 fix: Typo in unmarshal on Cmp struct (#14) 2019-04-30 17:07:43 +02:00
Tom D b8b6574812 Implement GetRule for Immediate, Verdict, and Lookup expressions (#11) 2019-02-18 13:01:32 +01:00
Tom D ca263a814b Add support for inverted set lookups. (#10) 2019-02-13 10:06:43 +01:00
Tom 2bb2b66f95 Implement support for anonymous & named sets. 2019-02-11 16:11:27 -08:00
Dhiver b732c419a3 Implement Queue Expr (#8) 2019-01-28 18:01:13 +01:00
Tom D 7612760462 Implement verdict expression. (#7) 2019-01-17 09:48:46 +01:00
Michael Stapelberg 9ac63cb282 add exprs and test for TCP MSS clamping 2018-10-22 09:22:02 +02:00
Michael Stapelberg 409eade12e switch to new netlink.AttributeDecoder
fixes #2
2018-08-10 18:59:05 +02:00
Michael Stapelberg 121db0bb23 add expr.Objref 2018-08-08 23:11:26 +02:00
Michael Stapelberg beb488f6fa implement expr.Payload unmarshaling 2018-06-28 20:05:27 +02:00
Michael Stapelberg 2338808f3c fix expr.Cmp unmarshaling 2018-06-28 20:05:16 +02:00
Michael Stapelberg 48a6685597 add expr.Counter 2018-06-23 21:12:40 +02:00
Michael Stapelberg 1324f5d5a9 add GetRule 2018-06-23 21:12:14 +02:00
Michael Stapelberg 05c74458a0 NAT: add RegProtoMax if >0 2018-06-14 22:26:30 +02:00
Michael Stapelberg 0ba4d9997a Cmp: fix accidentally hard-coded EQ operator 2018-06-14 22:26:13 +02:00
Michael Stapelberg dab6002a09 add enough expressions to express port forwardings 2018-06-04 23:13:54 +02:00
Michael Stapelberg afbe6ed893 Initial commit 2018-05-24 22:09:26 -07:00