Commit Graph

47 Commits

Author SHA1 Message Date
Rafael Campos Las Heras 950e408d48 Fix range expression unmarshalling
Fix the range expression unmarshalling on the `FromData` and `ToData`
Range expression fields.
2022-04-07 21:54:05 +02:00
Rafael Campos Las Heras d46a80e963 Fix payload unmarshall operation type.
When unmarshalling the Payload expression the operation type is not
updated. Apply the same logic for unmarshalling that we apply for
marshalling.
2022-04-07 21:54:05 +02:00
Ben de Graaff 2ba518ec5c
Unmarshal Exthdr and support DestRegister/Flags for reads (#151) (#152)
* Unmarshal Exthdr and support DestRegister/Flags for reads

Some fields in Exthdr are context-sensitive. Mixing unexpected fields
will result in EOPNOTSUPP.

* Fix order in which Exthdr attributes are written
2022-04-05 21:44:27 +02:00
Gustavo Iñiguez Goia 5a9391c12f
Added support for quota expression (#149) 2022-03-29 18:00:11 +02:00
turekt 211824995d
Log expression refactor (#147)
Fixes https://github.com/google/nftables/issues/113

Log expression implementation changed to better support different log options
Added uint16 support to the binaryutil package
Changed old log expression tests that were failing after change
Added a new test to check the implementation for multiple log options
2022-02-21 22:42:39 +01:00
pengyuan.dai 5573dab9cc
Add CtStateBit constants and related usage test #121 (#122)
fixes #121
2021-05-14 16:05:40 +02:00
Paul Greenberg c25e4f69b4
fix: unmarshaling verdicts with chain information (#106)
Before this commit: the unmarshaling of a verdict pointing
to a chain fails.

After this commit: the unmarshaling of a rule with a verdict
pointing to a chain succeeds and the information about the
chain gets put in `Verdict.Chain`.

Resolves: #105

Signed-off-by: Paul Greenberg <greenpau@outlook.com>
2020-08-02 19:55:06 +02:00
Grégoire Delattre 7127d9d224
Add support for rate limiting (#101) 2020-03-16 08:58:19 +01:00
Grégoire Delattre 21c5c5c425
Add missing VerdictKind (#99) 2020-03-06 11:32:18 +01:00
Serguei Bezverkhi 1c56a1906f Add Dynset expression and unit test (#97)
* Add dynset expression and unit test

Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
2020-02-10 11:14:20 +01:00
Alexis PIRES 9a6c96795b Stateless NAT and notrack support (#82) 2019-12-17 21:54:26 +01:00
Alexis PIRES e2e83d0ff5 Add dup expr support (#81) 2019-12-13 23:35:06 +01:00
Serguei Bezverkhi 9dee196925 Add expression and tests for numgen (#77)
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
2019-11-28 09:43:38 +01:00
Serguei Bezverkhi e0f4f3f8f8 Add bitwise decoder logic (#71) 2019-11-07 15:38:12 +01:00
Minaru 35de0a609f Hash expr implementation (#68)
* [expr] Implement Hash expr.

* [test] Add Hash test case.
2019-10-19 08:53:53 +02:00
Maxime Demode 71337b220c [expr] Add SourceRegister field and modify marshal function to work with it. 2019-10-15 18:31:07 +02:00
Maxime Demode 3c7d959797 [expr] Replace Key type in Ct struct by CtKey. 2019-10-15 18:02:12 +02:00
Maxime Demode 29d7aa173f [expr] Create CtKey type and add const values. 2019-10-15 18:01:31 +02:00
Serguei Bezverkhi 5d14089d2e Adding to nat expression additional parameters (#59)
* Change in dnat logic to cover all combinations

Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>

* Add parameter to cover all possible nat combinations

Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
2019-09-06 08:28:27 +02:00
Serguei Bezverkhi 4b2264477a lookup dest reg check fix (#57)
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
2019-08-31 09:36:20 +02:00
Serguei Bezverkhi 85a78b5285 Adding Fib expression and unit tests (#54) 2019-08-27 08:49:06 +02:00
Serguei Bezverkhi d514535a0c Reject expression and Unit tests (#53) 2019-08-26 09:57:52 +02:00
Serguei Bezverkhi ec0390b058 Extend Masq support and add unit testing (#52) 2019-08-25 23:43:47 +02:00
Serguei Bezverkhi 6925991d82 Meta SREG and DREG (#51)
* meta requires to use source and destination registers

Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
2019-08-19 23:36:36 +02:00
Serguei Bezverkhi 9907ca3831 Add log expression and test (#42)
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
2019-08-01 12:41:37 -07:00
Serguei Bezverkhi 7895e345f5 Add Connection tracking expression and test (#38)
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
2019-07-20 13:20:42 +02:00
Serguei Bezverkhi 7a68526274 tproxy expression support and test (#32)
Add support for tproxy expression

Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>
2019-06-30 01:06:32 +02:00
Serguei Bezverkhi 8d26daf060 Implement range expression (#22)
Signed-off-by: Serguei Bezverkhi <sbezverk@cisco.com>

fixes #19
2019-06-05 13:15:05 +02:00
Michael Stapelberg 70f367a546 verdict: add Chain (+test)
related to #18
2019-05-24 02:56:43 +02:00
Michael Stapelberg c5bb71b2cf implement redir expression (+test)
fixes #17
2019-05-17 13:57:31 +02:00
Ryan Whelan 07c974e364 fix: Typo in unmarshal on Cmp struct (#14) 2019-04-30 17:07:43 +02:00
Tom D b8b6574812 Implement GetRule for Immediate, Verdict, and Lookup expressions (#11) 2019-02-18 13:01:32 +01:00
Tom D ca263a814b Add support for inverted set lookups. (#10) 2019-02-13 10:06:43 +01:00
Tom 2bb2b66f95 Implement support for anonymous & named sets. 2019-02-11 16:11:27 -08:00
Dhiver b732c419a3 Implement Queue Expr (#8) 2019-01-28 18:01:13 +01:00
Tom D 7612760462 Implement verdict expression. (#7) 2019-01-17 09:48:46 +01:00
Michael Stapelberg 9ac63cb282 add exprs and test for TCP MSS clamping 2018-10-22 09:22:02 +02:00
Michael Stapelberg 409eade12e switch to new netlink.AttributeDecoder
fixes #2
2018-08-10 18:59:05 +02:00
Michael Stapelberg 121db0bb23 add expr.Objref 2018-08-08 23:11:26 +02:00
Michael Stapelberg beb488f6fa implement expr.Payload unmarshaling 2018-06-28 20:05:27 +02:00
Michael Stapelberg 2338808f3c fix expr.Cmp unmarshaling 2018-06-28 20:05:16 +02:00
Michael Stapelberg 48a6685597 add expr.Counter 2018-06-23 21:12:40 +02:00
Michael Stapelberg 1324f5d5a9 add GetRule 2018-06-23 21:12:14 +02:00
Michael Stapelberg 05c74458a0 NAT: add RegProtoMax if >0 2018-06-14 22:26:30 +02:00
Michael Stapelberg 0ba4d9997a Cmp: fix accidentally hard-coded EQ operator 2018-06-14 22:26:13 +02:00
Michael Stapelberg dab6002a09 add enough expressions to express port forwardings 2018-06-04 23:13:54 +02:00
Michael Stapelberg afbe6ed893 Initial commit 2018-05-24 22:09:26 -07:00