diff options
author | Máté Eckl <ecklm94@gmail.com> | 2018-08-23 12:51:07 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-08-24 10:09:30 +0200 |
commit | cebbd9678b7ee6f74b3bd4eefc23de5b27135799 (patch) | |
tree | 32020dae0f0326d12637e98b4af95ef029792cb5 /src/evaluate.c | |
parent | a55ca1a24b7b216144dc737f621fb68f4a924e38 (diff) |
src: Make invalid chain priority error more specific
So far if invalid priority name was specified the error message referred
to the whole chain/flowtable specification:
nft> add chain ip x h { type filter hook prerouting priority first; }
Error: 'first' is invalid priority in this context.
add chain ip x h { type filter hook prerouting priority first; }
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
With this patch this reference is made specific to the priority
specification:
nft> add chain ip x h { type filter hook prerouting priority first; }
Error: 'first' is invalid priority in this context.
add chain ip x h { type filter hook prerouting priority first; }
^^^^^^^^^^^^^^
`prio_spec` is also reused to keep naming intuitive. The parser section
formerly named `prio_spec` is renamed to `int_num` as it basically
provides the mathematical set of integer numbers.
Signed-off-by: Máté Eckl <ecklm94@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/evaluate.c')
-rw-r--r-- | src/evaluate.c | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/src/evaluate.c b/src/evaluate.c index 647e1606..685924df 100644 --- a/src/evaluate.c +++ b/src/evaluate.c @@ -3028,8 +3028,9 @@ static int flowtable_evaluate(struct eval_ctx *ctx, struct flowtable *ft) return chain_error(ctx, ft, "invalid hook %s", ft->hookstr); if (!evaluate_priority(&ft->priority, NFPROTO_NETDEV, ft->hooknum)) - return chain_error(ctx, ft, "'%s' is invalid priority.", - ft->priority.str); + return __stmt_binary_error(ctx, &ft->priority.loc, NULL, + "'%s' is invalid priority.", + ft->priority.str); if (!ft->dev_expr) return chain_error(ctx, ft, "Unbound flowtable not allowed (must specify devices)"); @@ -3186,9 +3187,9 @@ static int chain_evaluate(struct eval_ctx *ctx, struct chain *chain) if (!evaluate_priority(&chain->priority, chain->handle.family, chain->hooknum)) - return chain_error(ctx, chain, - "'%s' is invalid priority in this context.", - chain->priority.str); + return __stmt_binary_error(ctx, &chain->priority.loc, NULL, + "'%s' is invalid priority in this context.", + chain->priority.str); } list_for_each_entry(rule, &chain->rules, list) { |