When evaluating the list of devices, two expressions are possible:
- EXPR_LIST, which is the expected expression type to store the list of
chain/flowtable devices.
- EXPR_SET, in case that a variable is used to express the device list.
This is because it is not possible to know if the variable defines
set elements or devices. Since sets are more common, EXPR_SET is used.
In the latter case, this list expressed as EXPR_SET gets translated to
EXPR_LIST. Before such translation, the EXPR_VARIABLE is evaluated,
therefore all variables are gone and only EXPR_SET_ELEM are possible in
expr_set_to_list().
Remove the EXPR_VALUE and EXPR_VARIABLE cases in expr_set_to_list()
since those are never seen. Add BUG() in case any other expressions than
EXPR_SET_ELEM is seen.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
list_del(&expr->list);
switch (expr->etype) {
- case EXPR_VARIABLE:
- expr_set_context(&ctx->ectx, &ifname_type,
- IFNAMSIZ * BITS_PER_BYTE);
- if (!evaluate_expr_variable(ctx, &expr))
- return false;
-
- if (expr->etype == EXPR_SET) {
- expr = expr_set_to_list(ctx, expr);
- list_splice_init(&expr_list(expr)->expressions, &tmp);
- expr_free(expr);
- continue;
- }
- break;
case EXPR_SET_ELEM:
key = expr_clone(expr->key);
expr_free(expr);
expr = key;
break;
- case EXPR_VALUE:
- break;
default:
+ BUG("invalid expression type %s\n", expr_name(expr));
break;
}
projects / thirdparty / nftables.git / commitdiff
