From 14c526641e1fdec01f345c8d9f22fff809e59790 Mon Sep 17 00:00:00 2001
From: Florian Westphal <fw@strlen.de>
Date: Tue, 12 Jun 2018 18:39:13 +0200
Subject: [PATCH] datatype: add stolen verdict

using fwd statement causes crash when using nft trace:

 trace id ddbbaae2 netdev vpn ingress_out packet: iif "enp2s0" ether saddr 78:54:00:29:bb:aa ether daddr 52:54:00:01:53:9f ip saddr 85.14.236.41 ip daddr 17.25.63.98 ip dscp cs0 ip ecn not-ect ip ttl 64 ip id 49036 ip length 84 icmp type echo-reply icmp code 0 icmp id 16947 icmp sequence 4
 trace id ddbbaae2 netdev vpn ingress_out rule ip saddr 85.14.236.41 nftrace set 1 (verdict continue)
 trace id ddbbaae2 netdev vpn ingress_out rule ip saddr 85.14.236.41 ether saddr set aa:bb:00:18:cc:dd ether daddr set 00:00:5e:00:00:11 fwd to "enp1s0"
 BUG: invalid verdict value 2
 nft: datatype.c:282: verdict_type_print: Assertion `0' failed.

ADd stolen verdict (2) and remove the BUG statement.

Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1261
Signed-off-by: Florian Westphal <fw@strlen.de>
(cherry picked from commit bbbed9f3175c5260332ae7e6800b3a6791418fd2)
Signed-off-by: Phil Sutter <psutter@redhat.com>
---
 src/datatype.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/datatype.c b/src/datatype.c
index c77d228e95a1e..209044539bb84 100644
--- a/src/datatype.c
+++ b/src/datatype.c
@@ -280,8 +280,12 @@ static void verdict_type_print(const struct expr *expr, struct output_ctx *octx)
 		case NF_QUEUE:
 			nft_print(octx, "queue");
 			break;
+		case NF_STOLEN:
+			nft_print(octx, "stolen");
+			break;
 		default:
-			BUG("invalid verdict value %u\n", expr->verdict);
+			nft_print(octx, "unknown verdict value %u", expr->verdict);
+			break;
 		}
 	}
 }
-- 
2.21.0