In some cases, it may be desirable to have more control over how preconditions are used. For example, in a firewall, one may wish to ignore expressions entirely if they access any unavailable fields, independent of how these fields are used in the expression.
The precond function allows to do this: it returns the combined preconditions of all accesses of its argument. Note that preconditions encountered in preconditions are evaluated in the normal way.
drop if !precond(ip_src != 188.8.131.52 || tcp_sport != 80); drop if ip_src != 184.108.40.206 || tcp_sport != 80;
The first rule drops non-TCP packets even if their source IP address is 220.127.116.11.