summaryrefslogtreecommitdiffstats
path: root/src/evaluate.c
diff options
context:
space:
mode:
authorMáté Eckl <ecklm94@gmail.com>2018-08-23 12:51:07 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2018-08-24 10:09:30 +0200
commitcebbd9678b7ee6f74b3bd4eefc23de5b27135799 (patch)
tree32020dae0f0326d12637e98b4af95ef029792cb5 /src/evaluate.c
parenta55ca1a24b7b216144dc737f621fb68f4a924e38 (diff)
src: Make invalid chain priority error more specific
So far if invalid priority name was specified the error message referred to the whole chain/flowtable specification: nft> add chain ip x h { type filter hook prerouting priority first; } Error: 'first' is invalid priority in this context. add chain ip x h { type filter hook prerouting priority first; } ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ With this patch this reference is made specific to the priority specification: nft> add chain ip x h { type filter hook prerouting priority first; } Error: 'first' is invalid priority in this context. add chain ip x h { type filter hook prerouting priority first; } ^^^^^^^^^^^^^^ `prio_spec` is also reused to keep naming intuitive. The parser section formerly named `prio_spec` is renamed to `int_num` as it basically provides the mathematical set of integer numbers. Signed-off-by: Máté Eckl <ecklm94@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/evaluate.c')
-rw-r--r--src/evaluate.c11
1 files changed, 6 insertions, 5 deletions
diff --git a/src/evaluate.c b/src/evaluate.c
index 647e1606..685924df 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -3028,8 +3028,9 @@ static int flowtable_evaluate(struct eval_ctx *ctx, struct flowtable *ft)
return chain_error(ctx, ft, "invalid hook %s", ft->hookstr);
if (!evaluate_priority(&ft->priority, NFPROTO_NETDEV, ft->hooknum))
- return chain_error(ctx, ft, "'%s' is invalid priority.",
- ft->priority.str);
+ return __stmt_binary_error(ctx, &ft->priority.loc, NULL,
+ "'%s' is invalid priority.",
+ ft->priority.str);
if (!ft->dev_expr)
return chain_error(ctx, ft, "Unbound flowtable not allowed (must specify devices)");
@@ -3186,9 +3187,9 @@ static int chain_evaluate(struct eval_ctx *ctx, struct chain *chain)
if (!evaluate_priority(&chain->priority, chain->handle.family,
chain->hooknum))
- return chain_error(ctx, chain,
- "'%s' is invalid priority in this context.",
- chain->priority.str);
+ return __stmt_binary_error(ctx, &chain->priority.loc, NULL,
+ "'%s' is invalid priority in this context.",
+ chain->priority.str);
}
list_for_each_entry(rule, &chain->rules, list) {