Stateful objects have introduced a RESET token in the parser. This breaks the
use of RESET from the rhs, to fix this:
1) I added a new rule to catch this case, thus, dccp doesn't break.
2) Update reject_opts so reject with tcp reset still works.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
$4);
$<stmt>0->reject.expr->dtype = &icmpx_code_type;
}
- | WITH TCP STRING
+ | WITH TCP RESET
{
- if (strcmp($3, "reset") == 0) {
- $<stmt>0->reject.type = NFT_REJECT_TCP_RST;
- } else {
- erec_queue(error(&@2, "unsupported reject type", $3),
- state->msgs);
- YYERROR;
- }
+ $<stmt>0->reject.type = NFT_REJECT_TCP_RST;
}
;
current_scope(state),
"ecn");
}
+ | RESET
+ {
+ $$ = symbol_expr_alloc(&@$, SYMBOL_VALUE,
+ current_scope(state),
+ "reset");
+ }
;
relational_op : EQ { $$ = OP_EQ; }
projects / thirdparty / nftables.git / commitdiff
