diff mbox

verdict type: handle verdict flags and encoded additional information

Message ID 1408405040-9505-1-git-send-email-kaber@trash.net
State Accepted
Delegated to: Pablo Neira
Headers show

Commit Message

Patrick McHardy Aug. 18, 2014, 11:37 p.m. UTC 
The kernel can handle this, nftables should also.

Signed-off-by: Patrick McHardy <kaber@trash.net>
---
 src/datatype.c | 23 +++++++++++++----------
 1 file changed, 13 insertions(+), 10 deletions(-)
diff mbox

Patch

diff --git a/src/datatype.c b/src/datatype.c
index 36d5985..fdfee54 100644
--- a/src/datatype.c
+++ b/src/datatype.c
@@ -176,15 +176,6 @@  const struct datatype invalid_type = {
 static void verdict_type_print(const struct expr *expr)
 {
 	switch (expr->verdict) {
-	case NF_ACCEPT:
-		printf("accept");
-		break;
-	case NF_DROP:
-		printf("drop");
-		break;
-	case NF_QUEUE:
-		printf("queue");
-		break;
 	case NFT_CONTINUE:
 		printf("continue");
 		break;
@@ -201,7 +192,19 @@  static void verdict_type_print(const struct expr *expr)
 		printf("return");
 		break;
 	default:
-		BUG("invalid verdict value %u\n", expr->verdict);
+		switch (expr->verdict & NF_VERDICT_MASK) {
+		case NF_ACCEPT:
+			printf("accept");
+			break;
+		case NF_DROP:
+			printf("drop");
+			break;
+		case NF_QUEUE:
+			printf("queue");
+			break;
+		default:
+			BUG("invalid verdict value %u\n", expr->verdict);
+		}
 	}
 }