git.ipfire.org Git - thirdparty/nftables.git/commit

author	Phil Sutter <phil@nwl.cc>
	Wed, 30 Oct 2019 20:45:39 +0000 (21:45 +0100)
committer	Phil Sutter <phil@nwl.cc>
	Thu, 7 Nov 2019 11:46:16 +0000 (12:46 +0100)
commit	332325e3c3fab4c25bb5f387f9663205f63748dc
tree	b9e616a69a3b87829c4f6531a6677119d9af6275	tree
parent	856c78d4fdc73ac746ef1473f08d78cf2ebcbc4c	commit \| diff

libnftables: Store top_scope in struct nft_ctx

Allow for interactive sessions to make use of defines. Since parser is
initialized for each line, top scope defines didn't persist although
they are actually useful for stuff like:

| # nft -i
| define goodports = { 22, 23, 80, 443 }
| add rule inet t c tcp dport $goodports accept
| add rule inet t c tcp sport $goodports accept

While being at it, introduce scope_alloc() and scope_free().

Signed-off-by: Phil Sutter <phil@nwl.cc>
Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>

include/nftables.h		diff \| blob \| blame \| history
include/parser.h		diff \| blob \| blame \| history
include/rule.h		diff \| blob \| blame \| history
src/libnftables.c		diff \| blob \| blame \| history
src/parser_bison.y		diff \| blob \| blame \| history
src/rule.c		diff \| blob \| blame \| history
tests/shell/testcases/nft-i/0001define_0	[new file with mode: 0755]	blob