Else we run into trouble once we allow
queue num symhash mod 4 and 1
and so on. Example problem:
queue num jhash ip saddr mod 4 and 1 bypass
This will fail to parse because the scanner is in the wrong state
(ip, not queue), so 'bypass' is parsed as a string.
Currently, while nft will eat the above just fine (minus 'bypass'),
nft rejects this from the evaluation phase with
Error: queue number is not constant
So seems we are lucky and can restrict the supported expressions
to integer and range.
Furthermore, the line looks wrong because this statement:
queue num jhash ip saddr mod 4 and 1 bypass
doesn't specifiy a number, "queue num 4" does, or "queue num 1-2" do.
For arbitrary expr support it seems sensible to enforce stricter
ordering to avoid any problems with the flags, for example:
queue bypass,futurekeyword to jhash ip saddr mod 42
Signed-off-by: Florian Westphal <fw@strlen.de>
%type <stmt> queue_stmt queue_stmt_alloc
%destructor { stmt_free($$); } queue_stmt queue_stmt_alloc
+%type <expr> queue_stmt_expr
+%destructor { expr_free($$); } queue_stmt_expr
%type <val> queue_stmt_flags queue_stmt_flag
%type <stmt> dup_stmt
%destructor { stmt_free($$); } dup_stmt
| queue_stmt_args queue_stmt_arg
;
-queue_stmt_arg : QUEUENUM stmt_expr
+queue_stmt_arg : QUEUENUM queue_stmt_expr
{
$<stmt>0->queue.queue = $2;
$<stmt>0->queue.queue->location = @$;
}
;
+queue_stmt_expr : integer_expr
+ | range_rhs_expr
+ ;
+
queue_stmt_flags : queue_stmt_flag
| queue_stmt_flags COMMA queue_stmt_flag
{
projects / thirdparty / nftables.git / commitdiff
