From: Shivani Bhardwaj Date: Thu, 7 Apr 2016 17:28:54 +0000 (+0530) Subject: src: evaluate: Show error for fanout without balance X-Git-Tag: v0.6~73 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b9d6a7b68e93c9a7a48b2dada6e7380190480b79;p=thirdparty%2Fnftables.git src: evaluate: Show error for fanout without balance The idea of fanout option is to improve the performance by indexing CPU ID to map packets to the queues. This is used for load balancing. Fanout option is not required when there is a single queue specified. According to iptables, queue balance should be specified in order to use fanout. Following that, throw an error in nftables if the range of queues for load balancing is not specified with the fanout option. After this patch, $ sudo nft add rule ip filter forward counter queue num 0 fanout :1:46-46: Error: fanout requires a range to be specified add rule ip filter forward counter queue num 0 fanout ^^^^^ Signed-off-by: Shivani Bhardwaj Signed-off-by: Pablo Neira Ayuso --- diff --git a/src/evaluate.c b/src/evaluate.c index d9ac85421..346e34fcd 100644 --- a/src/evaluate.c +++ b/src/evaluate.c @@ -2006,6 +2006,11 @@ static int stmt_evaluate_queue(struct eval_ctx *ctx, struct stmt *stmt) if (!expr_is_constant(stmt->queue.queue)) return expr_error(ctx->msgs, stmt->queue.queue, "queue number is not constant"); + if (stmt->queue.queue->ops->type != EXPR_RANGE && + (stmt->queue.flags & NFT_QUEUE_FLAG_CPU_FANOUT)) + return expr_error(ctx->msgs, stmt->queue.queue, + "fanout requires a range to be " + "specified"); } return 0; } diff --git a/src/parser_bison.y b/src/parser_bison.y index 4b7c1f5ab..444ed4c2e 100644 --- a/src/parser_bison.y +++ b/src/parser_bison.y @@ -1722,6 +1722,7 @@ queue_stmt_args : queue_stmt_arg queue_stmt_arg : QUEUENUM stmt_expr { $0->queue.queue = $2; + $0->queue.queue->location = @$; } | queue_stmt_flags {