summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--include/osf.h2
-rw-r--r--src/evaluate.c2
-rw-r--r--src/parser_bison.y31
-rw-r--r--src/statement.c24
4 files changed, 31 insertions, 28 deletions
diff --git a/include/osf.h b/include/osf.h
index 8f6f5840..2eef257c 100644
--- a/include/osf.h
+++ b/include/osf.h
@@ -1,6 +1,8 @@
#ifndef NFTABLES_OSF_H
#define NFTABLES_OSF_H
+#define NFT_OSF_F_VERSION 0x1
+
struct expr *osf_expr_alloc(const struct location *loc, const uint8_t ttl,
const uint32_t flags);
diff --git a/src/evaluate.c b/src/evaluate.c
index 3593eb80..21d9e146 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -2812,7 +2812,7 @@ static int stmt_evaluate_log(struct eval_ctx *ctx, struct stmt *stmt)
return stmt_error(ctx, stmt,
"flags and group are mutually exclusive");
}
- if (stmt->log.level == LOGLEVEL_AUDIT &&
+ if (stmt->log.level == NFT_LOGLEVEL_AUDIT &&
(stmt->log.flags & ~STMT_LOG_LEVEL || stmt->log.logflags))
return stmt_error(ctx, stmt,
"log level audit doesn't support any further options");
diff --git a/src/parser_bison.y b/src/parser_bison.y
index 9aea6526..9e632c0d 100644
--- a/src/parser_bison.y
+++ b/src/parser_bison.y
@@ -2414,23 +2414,23 @@ log_arg : PREFIX string
level_type : string
{
if (!strcmp("emerg", $1))
- $$ = LOG_EMERG;
+ $$ = NFT_LOGLEVEL_EMERG;
else if (!strcmp("alert", $1))
- $$ = LOG_ALERT;
+ $$ = NFT_LOGLEVEL_ALERT;
else if (!strcmp("crit", $1))
- $$ = LOG_CRIT;
+ $$ = NFT_LOGLEVEL_CRIT;
else if (!strcmp("err", $1))
- $$ = LOG_ERR;
+ $$ = NFT_LOGLEVEL_ERR;
else if (!strcmp("warn", $1))
- $$ = LOG_WARNING;
+ $$ = NFT_LOGLEVEL_WARNING;
else if (!strcmp("notice", $1))
- $$ = LOG_NOTICE;
+ $$ = NFT_LOGLEVEL_NOTICE;
else if (!strcmp("info", $1))
- $$ = LOG_INFO;
+ $$ = NFT_LOGLEVEL_INFO;
else if (!strcmp("debug", $1))
- $$ = LOG_DEBUG;
+ $$ = NFT_LOGLEVEL_DEBUG;
else if (!strcmp("audit", $1))
- $$ = LOGLEVEL_AUDIT;
+ $$ = NFT_LOGLEVEL_AUDIT;
else {
erec_queue(error(&@1, "invalid log level"),
state->msgs);
@@ -4101,7 +4101,6 @@ ct_key : L3PROTOCOL { $$ = NFT_CT_L3PROTOCOL; }
| PROTO_DST { $$ = NFT_CT_PROTO_DST; }
| LABEL { $$ = NFT_CT_LABELS; }
| EVENT { $$ = NFT_CT_EVENTMASK; }
- | TIMEOUT { $$ = NFT_CT_TIMEOUT; }
| ct_key_dir_optional
;
@@ -4150,16 +4149,18 @@ ct_stmt : CT ct_key SET stmt_expr
$$->objref.type = NFT_OBJECT_CT_HELPER;
$$->objref.expr = $4;
break;
- case NFT_CT_TIMEOUT:
- $$ = objref_stmt_alloc(&@$);
- $$->objref.type = NFT_OBJECT_CT_TIMEOUT;
- $$->objref.expr = $4;
- break;
default:
$$ = ct_stmt_alloc(&@$, $2, -1, $4);
break;
}
}
+ | CT TIMEOUT SET stmt_expr
+ {
+ $$ = objref_stmt_alloc(&@$);
+ $$->objref.type = NFT_OBJECT_CT_TIMEOUT;
+ $$->objref.expr = $4;
+
+ }
| CT ct_dir ct_key_dir_optional SET stmt_expr
{
$$ = ct_stmt_alloc(&@$, $3, $2, $5);
diff --git a/src/statement.c b/src/statement.c
index 7f9c10b3..a9e8b3ae 100644
--- a/src/statement.c
+++ b/src/statement.c
@@ -256,21 +256,21 @@ struct stmt *objref_stmt_alloc(const struct location *loc)
return stmt;
}
-static const char *syslog_level[LOGLEVEL_AUDIT + 1] = {
- [LOG_EMERG] = "emerg",
- [LOG_ALERT] = "alert",
- [LOG_CRIT] = "crit",
- [LOG_ERR] = "err",
- [LOG_WARNING] = "warn",
- [LOG_NOTICE] = "notice",
- [LOG_INFO] = "info",
- [LOG_DEBUG] = "debug",
- [LOGLEVEL_AUDIT] = "audit"
+static const char *syslog_level[NFT_LOGLEVEL_MAX + 1] = {
+ [NFT_LOGLEVEL_EMERG] = "emerg",
+ [NFT_LOGLEVEL_ALERT] = "alert",
+ [NFT_LOGLEVEL_CRIT] = "crit",
+ [NFT_LOGLEVEL_ERR] = "err",
+ [NFT_LOGLEVEL_WARNING] = "warn",
+ [NFT_LOGLEVEL_NOTICE] = "notice",
+ [NFT_LOGLEVEL_INFO] = "info",
+ [NFT_LOGLEVEL_DEBUG] = "debug",
+ [NFT_LOGLEVEL_AUDIT] = "audit"
};
const char *log_level(uint32_t level)
{
- if (level > LOGLEVEL_AUDIT)
+ if (level > NFT_LOGLEVEL_MAX)
return "unknown";
return syslog_level[level];
@@ -280,7 +280,7 @@ int log_level_parse(const char *level)
{
int i;
- for (i = 0; i <= LOGLEVEL_AUDIT; i++) {
+ for (i = 0; i <= NFT_LOGLEVEL_MAX; i++) {
if (syslog_level[i] &&
!strcmp(level, syslog_level[i]))
return i;