In some cases, it may be desirable to have more control over how preconditions are used. For example, in a firewall, one may wish to ignore expressions entirely if they access any unavailable fields, independent of how these fields are used in the expression.
The precond function allows to do this: it returns the combined preconditions of all accesses of its argument. Note that preconditions encountered in preconditions are evaluated in the normal way.
Example:
drop if !precond(ip_src != 1.2.3.4 || tcp_sport != 80); drop if ip_src != 1.2.3.4 || tcp_sport != 80;
The first rule drops non-TCP packets even if their source IP address is 1.2.3.4.