]> git.ipfire.org Git - thirdparty/nftables.git/commit
projects / thirdparty / nftables.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: bbe139f) | patch
libnftables: keep evaluating until parser_max_errors
authorPablo Neira Ayuso <pablo@netfilter.org>
Fri, 7 Jun 2019 11:37:22 +0000 (13:37 +0200)
committerPablo Neira Ayuso <pablo@netfilter.org>
Fri, 7 Jun 2019 11:58:07 +0000 (13:58 +0200)
commitdf2f746fb4cfc68d178dcfcf1fe9db08bd56b660
tree45249111f70f49311e3b2290b8f2873593c3498btree
parentbbe139fdf5a589499e75d8361efbca6c4add3275commit | diff
libnftables: keep evaluating until parser_max_errors

Bail out after parser_max_errors has been reached, eg.

 # nft -f /tmp/errors.nft
 /tmp/errors.nft:1:23-23: Error: syntax error, unexpected newline
 filter input tcp dport
                       ^
 /tmp/errors.nft:2:24-26: Error: datatype mismatch, expected internet network service, expression has type Internet protocol
 filter input tcp dport tcp
              ~~~~~~~~~ ^^^
 /tmp/errors.nft:3:24-26: Error: datatype mismatch, expected internet network service, expression has type Internet protocol
 filter input tcp sport udp
              ~~~~~~~~~ ^^^

Fixes: f211921e25e6 ("src: perform evaluation after parsing")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
src/libnftables.c diff | blob | blame | history
Mirror of git://git.netfilter.org/nftables