scanner: secmark: move to own scope

author Florian Westphal <fw@strlen.de>

Thu, 11 Mar 2021 13:23:13 +0000 (14:23 +0100)

committer Florian Westphal <fw@strlen.de>

Tue, 16 Mar 2021 22:59:46 +0000 (23:59 +0100)
author Florian Westphal <fw@strlen.de>
Thu, 11 Mar 2021 13:23:13 +0000 (14:23 +0100)
committer Florian Westphal <fw@strlen.de>
Tue, 16 Mar 2021 22:59:46 +0000 (23:59 +0100)
diff --git a/include/parser.h b/include/parser.h

index cc9790f62dc195535d6465bca67a2d6e1e907e3d..9fdebcd11dd2ef9160bea633627ca4abf5821019 100644 (file)
--- a/include/parser.h
+++ b/include/parser.h
@@ -35,6 +35,7 @@ enum startcond_type {
         PARSER_SC_IP6,
         PARSER_SC_LIMIT,
         PARSER_SC_QUOTA,
+       PARSER_SC_SECMARK,
         PARSER_SC_VLAN,
         PARSER_SC_EXPR_FIB,
         PARSER_SC_EXPR_HASH,
diff --git a/src/parser_bison.y b/src/parser_bison.y

index 239838c2cbc2fb955dc984f77f5f2a6a5f0abb06..08a2599e53745af5dd763203cf2ff79e9ef53ac1 100644 (file)
--- a/src/parser_bison.y
+++ b/src/parser_bison.y
@@ -875,6 +875,7 @@ close_scope_numgen  : { scanner_pop_start_cond(nft->scanner, PARSER_SC_EXPR_NUMGE
  close_scope_quota      : { scanner_pop_start_cond(nft->scanner, PARSER_SC_QUOTA); };
  close_scope_queue      : { scanner_pop_start_cond(nft->scanner, PARSER_SC_EXPR_QUEUE); };
  close_scope_rt         : { scanner_pop_start_cond(nft->scanner, PARSER_SC_EXPR_RT); };
+close_scope_secmark    : { scanner_pop_start_cond(nft->scanner, PARSER_SC_SECMARK); };
  close_scope_socket     : { scanner_pop_start_cond(nft->scanner, PARSER_SC_EXPR_SOCKET); }
  
  common_block           :       INCLUDE         QUOTED_STRING   stmt_separator
@@ -1067,11 +1068,11 @@ add_cmd                 :       TABLE           table_spec
                         {
                                 $$ = cmd_alloc(CMD_ADD, CMD_OBJ_LIMIT, &$2, &@$, $3);
                         }
-                       |       SECMARK         obj_spec        secmark_obj     secmark_config
+                       |       SECMARK         obj_spec        secmark_obj     secmark_config  close_scope_secmark
                         {
                                 $$ = cmd_alloc(CMD_ADD, CMD_OBJ_SECMARK, &$2, &@$, $3);
                         }
-                       |       SECMARK         obj_spec        secmark_obj     '{' secmark_block '}'
+                       |       SECMARK         obj_spec        secmark_obj     '{' secmark_block '}'   close_scope_secmark
                         {
                                 $$ = cmd_alloc(CMD_ADD, CMD_OBJ_SECMARK, &$2, &@$, $3);
                         }
@@ -1172,7 +1173,7 @@ create_cmd                :       TABLE           table_spec
                         {
                                 $$ = cmd_alloc(CMD_CREATE, CMD_OBJ_LIMIT, &$2, &@$, $3);
                         }
-                       |       SECMARK         obj_spec        secmark_obj     secmark_config
+                       |       SECMARK         obj_spec        secmark_obj     secmark_config  close_scope_secmark
                         {
                                 $$ = cmd_alloc(CMD_CREATE, CMD_OBJ_SECMARK, &$2, &@$, $3);
                         }
@@ -1259,7 +1260,7 @@ delete_cmd                :       TABLE           table_or_id_spec
                         {
                                 $$ = cmd_alloc(CMD_DELETE, CMD_OBJ_LIMIT, &$2, &@$, NULL);
                         }
-                       |       SECMARK         obj_or_id_spec
+                       |       SECMARK         obj_or_id_spec  close_scope_secmark
                         {
                                 $$ = cmd_alloc(CMD_DELETE, CMD_OBJ_SECMARK, &$2, &@$, NULL);
                         }
@@ -1347,7 +1348,7 @@ list_cmd          :       TABLE           table_spec
                         {
                                 $$ = cmd_alloc(CMD_LIST, CMD_OBJ_SECMARKS, &$3, &@$, NULL);
                         }
-                       |       SECMARK         obj_spec
+                       |       SECMARK         obj_spec        close_scope_secmark
                         {
                                 $$ = cmd_alloc(CMD_LIST, CMD_OBJ_SECMARK, &$2, &@$, NULL);
                         }
@@ -1680,7 +1681,7 @@ table_block               :       /* empty */     { $$ = $<table>-1; }
                         }
                         |       table_block     SECMARK         obj_identifier
                                         obj_block_alloc '{'     secmark_block   '}'
-                                       stmt_separator
+                                       stmt_separator  close_scope_secmark
                         {
                                 $4->location = @3;
                                 $4->type = NFT_OBJECT_SECMARK;
@@ -1883,7 +1884,7 @@ map_block_alloc           :       /* empty */
  map_block_obj_type     :       COUNTER { $$ = NFT_OBJECT_COUNTER; }
                         |       QUOTA   close_scope_quota { $$ = NFT_OBJECT_QUOTA; }
                         |       LIMIT   close_scope_limit { $$ = NFT_OBJECT_LIMIT; }
-                       |       SECMARK { $$ = NFT_OBJECT_SECMARK; }
+                       |       SECMARK close_scope_secmark { $$ = NFT_OBJECT_SECMARK; }
                         ;
  
  map_block              :       /* empty */     { $$ = $<set>-1; }
@@ -4727,7 +4728,7 @@ meta_key_qualified        :       LENGTH          { $$ = NFT_META_LEN; }
                         |       PROTOCOL        { $$ = NFT_META_PROTOCOL; }
                         |       PRIORITY        { $$ = NFT_META_PRIORITY; }
                         |       RANDOM          { $$ = NFT_META_PRANDOM; }
-                       |       SECMARK         { $$ = NFT_META_SECMARK; }
+                       |       SECMARK close_scope_secmark { $$ = NFT_META_SECMARK; }
                         ;
  
  meta_key_unqualified   :       MARK            { $$ = NFT_META_MARK; }
@@ -4966,7 +4967,7 @@ ct_key                    :       L3PROTOCOL      { $$ = NFT_CT_L3PROTOCOL; }
                         |       PROTO_DST       { $$ = NFT_CT_PROTO_DST; }
                         |       LABEL           { $$ = NFT_CT_LABELS; }
                         |       EVENT           { $$ = NFT_CT_EVENTMASK; }
-                       |       SECMARK         { $$ = NFT_CT_SECMARK; }
+                       |       SECMARK close_scope_secmark { $$ = NFT_CT_SECMARK; }
                         |       ID              { $$ = NFT_CT_ID; }
                         |       ct_key_dir_optional
                         ;
diff --git a/src/scanner.l b/src/scanner.l

index d09189ae4492e27593f3b683ba1c9f7edfbc5276..a73ce1b819d89fc94d3c8e9e7336b647da46ee0f 100644 (file)
--- a/src/scanner.l
+++ b/src/scanner.l
@@ -203,6 +203,7 @@ addrstring  ({macaddr}|{ip4addr}|{ip6addr})
  %s SCANSTATE_IP6
  %s SCANSTATE_LIMIT
  %s SCANSTATE_QUOTA
+%s SCANSTATE_SECMARK
  %s SCANSTATE_VLAN
  %s SCANSTATE_EXPR_FIB
  %s SCANSTATE_EXPR_HASH
@@ -634,7 +635,7 @@ addrstring  ({macaddr}|{ip4addr}|{ip6addr})
         "out"                   { return OUT; }
  }
  
-"secmark"              { return SECMARK; }
+"secmark"              { scanner_push_start_cond(yyscanner, SCANSTATE_SECMARK); return SECMARK; }
  "secmarks"             { return SECMARKS; }
  
  {addrstring}           {
author	Florian Westphal <fw@strlen.de>
	Thu, 11 Mar 2021 13:23:13 +0000 (14:23 +0100)
committer	Florian Westphal <fw@strlen.de>
	Tue, 16 Mar 2021 22:59:46 +0000 (23:59 +0100)
include/parser.h		patch \| blob \| blame \| history
src/parser_bison.y		patch \| blob \| blame \| history
src/scanner.l		patch \| blob \| blame \| history