diff options
| author | Patrick McHardy <kaber@trash.net> | 2014-01-08 13:02:16 +0000 |
|---|---|---|
| committer | Patrick McHardy <kaber@trash.net> | 2014-01-08 13:03:19 +0000 |
| commit | 7a61addda5dc095645640f10ff4425db0d533b2c (patch) | |
| tree | ab46467eb6e9a7ce5dd460a77adca6a1d5bc2185 /src | |
| parent | f9af5e9208c910c06d775dff54d12a0c77db9474 (diff) | |
nftables: add support for the "inet" family
Add support for the mixed IPv4/IPv6 "inet" family. This mainly consist
of adding the "inet" <-> NFPROTO_INET mapping in the parser and netlink
support functions.
Additionally add the definitions for the inet filter table.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'src')
| -rw-r--r-- | src/evaluate.c | 1 | ||||
| -rw-r--r-- | src/parser.y | 3 | ||||
| -rw-r--r-- | src/rule.c | 3 | ||||
| -rw-r--r-- | src/scanner.l | 2 |
4 files changed, 9 insertions, 0 deletions
diff --git a/src/evaluate.c b/src/evaluate.c index 257c67ed..4ca32943 100644 --- a/src/evaluate.c +++ b/src/evaluate.c @@ -1273,6 +1273,7 @@ static uint32_t str2hooknum(uint32_t family, const char *hook) case NFPROTO_IPV4: case NFPROTO_BRIDGE: case NFPROTO_IPV6: + case NFPROTO_INET: /* These families have overlapping values for each hook */ if (!strcmp(hook, "prerouting")) return NF_INET_PRE_ROUTING; diff --git a/src/parser.y b/src/parser.y index 7778d504..19073337 100644 --- a/src/parser.y +++ b/src/parser.y @@ -166,6 +166,8 @@ static void location_update(struct location *loc, struct location *rhs, int n) %token MAP "map" %token HANDLE "handle" +%token INET "inet" + %token ADD "add" %token INSERT "insert" %token DELETE "delete" @@ -827,6 +829,7 @@ string : STRING family_spec : /* empty */ { $$ = NFPROTO_IPV4; } | IP { $$ = NFPROTO_IPV4; } | IP6 { $$ = NFPROTO_IPV6; } + | INET { $$ = NFPROTO_INET; } | ARP { $$ = NFPROTO_ARP; } | BRIDGE { $$ = NFPROTO_BRIDGE; } ; @@ -276,6 +276,8 @@ static const char *family2str(unsigned int family) return "ip"; case NFPROTO_IPV6: return "ip6"; + case NFPROTO_INET: + return "inet"; case NFPROTO_ARP: return "arp"; case NFPROTO_BRIDGE: @@ -292,6 +294,7 @@ static const char *hooknum2str(unsigned int family, unsigned int hooknum) case NFPROTO_IPV4: case NFPROTO_BRIDGE: case NFPROTO_IPV6: + case NFPROTO_INET: switch (hooknum) { case NF_INET_PRE_ROUTING: return "prerouting"; diff --git a/src/scanner.l b/src/scanner.l index 8c4f25d2..f075f820 100644 --- a/src/scanner.l +++ b/src/scanner.l @@ -235,6 +235,8 @@ addrstring ({macaddr}|{ip4addr}|{ip6addr}) "goto" { return GOTO; } "return" { return RETURN; } +"inet" { return INET; } + "add" { return ADD; } "insert" { return INSERT; } "delete" { return DELETE; } |