parser_bison: missing relational operation on flag list

Complete e6c32b2fa0b8 ("src: add negation match on singleton bitmask value") which was missing comma-separated list of flags. This patch provides a shortcut for: tcp flags and fin,rst == 0 which allows to check for the packet whose fin and rst bits are unset: # nft add rule x y tcp flags not fin,rst counter Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2021-04-19 11:56:15 +0200
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2021-05-02 23:30:35 +0200
commit: 88993e0ce90f05a1b6e1b09a8dbbf41d6d4551b7 (patch)
tree: 53c81710e64c14fbc7f2856d56257ecd0e38adf9 /src
parent: 2ffb2f44dc541c2ec3265ec80bf6be805cafcf80 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/src/parser_bison.y b/src/parser_bison.y
index 0a3adbe8..ce4857b2 100644
--- a/src/parser_bison.y
+++ b/src/parser_bison.y
@@ -4472,6 +4472,10 @@ relational_expr		:	expr	/* implicit */	rhs_expr
 			{
 				$$ = relational_expr_alloc(&@2, $2, $1, $3);
 			}
+			|	expr	relational_op	list_rhs_expr
+			{
+				$$ = relational_expr_alloc(&@2, $2, $1, $3);
+			}
 			;
 
 list_rhs_expr		:	basic_rhs_expr		COMMA		basic_rhs_expr
author	Pablo Neira Ayuso <pablo@netfilter.org>	2021-04-19 11:56:15 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2021-05-02 23:30:35 +0200
commit	88993e0ce90f05a1b6e1b09a8dbbf41d6d4551b7 (patch)
tree	53c81710e64c14fbc7f2856d56257ecd0e38adf9 /src
parent	2ffb2f44dc541c2ec3265ec80bf6be805cafcf80 (diff)