diff options
author | Patrick McHardy <kaber@trash.net> | 2014-02-04 08:09:27 +0000 |
---|---|---|
committer | Patrick McHardy <kaber@trash.net> | 2014-02-04 08:17:47 +0000 |
commit | 61236968b7a1b4a4986f9a5c9a5e46d3eb70b799 (patch) | |
tree | 49cbec37c5e2bc8e1f748d2ae1626af6c1e7df90 /include | |
parent | f3129a3cc4800321ed2157eb400da8b43398606e (diff) |
parser: evaluate commands immediately after parsing
We currently do parsing and evaluation in two seperate stages. This means
that if any error occurs during parsing, we won't evaluate the syntactical
correct commands and detect possible evaluation errors in them.
In order to improve error reporting, change this to evaluate every command
as soon as it is fully parsed.
With this in place, the ruleset can be fully validated and all errors
reported in one step:
tests/error.1:6:23-23: Error: syntax error, unexpected newline
filter input tcp dport
^
tests/error.1:7:24-26: Error: datatype mismatch, expected internet network service, expression has type Internet protocol
filter input tcp dport tcp
~~~~~~~~~ ^^^
tests/error.1:8:24-32: Error: Right hand side of relational expression (==) must be constant
filter input tcp dport tcp dport
~~~~~~~~~~^^^^^^^^^
Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'include')
-rw-r--r-- | include/parser.h | 1 | ||||
-rw-r--r-- | include/rule.h | 2 |
2 files changed, 2 insertions, 1 deletions
diff --git a/include/parser.h b/include/parser.h index 7a1c2dbe..92beab28 100644 --- a/include/parser.h +++ b/include/parser.h @@ -26,6 +26,7 @@ struct parser_state { unsigned int scope; struct list_head cmds; + struct eval_ctx ectx; }; extern void parser_init(struct parser_state *state, struct list_head *msgs); diff --git a/include/rule.h b/include/rule.h index 47dd6ab9..e06444eb 100644 --- a/include/rule.h +++ b/include/rule.h @@ -303,7 +303,7 @@ struct eval_ctx { struct proto_ctx pctx; }; -extern int evaluate(struct eval_ctx *ctx, struct list_head *commands); +extern int cmd_evaluate(struct eval_ctx *ctx, struct cmd *cmd); extern struct error_record *rule_postprocess(struct rule *rule); |