| Message ID | 20221007091614.339582-3-pablo@netfilter.org |
|---|---|
| State | Changes Requested |
| Delegated to: | Pablo Neira |
| Headers | show |
| Series | nf_tables inner tunnel header match support | expand |
diff --git a/net/netfilter/nft_payload.c b/net/netfilter/nft_payload.c index 448e32750fa0..2def75393074 100644 --- a/net/netfilter/nft_payload.c +++ b/net/netfilter/nft_payload.c @@ -138,6 +138,9 @@ static int __nft_payload_inner_offset(struct nft_pktinfo *pkt) pkt->inneroff = thoff + offset; } break; + case IPPROTO_IPIP: + pkt->inneroff = thoff; + break; default: return -1; }
ipip is an special case, transport and inner header offset are set to the same offset to use the upcoming inner expression for matching on inner tunnel headers. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> --- v3: no changes. net/netfilter/nft_payload.c | 3 +++ 1 file changed, 3 insertions(+)