diff options
Diffstat (limited to 'src/parser.y')
-rw-r--r-- | src/parser.y | 138 |
1 files changed, 99 insertions, 39 deletions
diff --git a/src/parser.y b/src/parser.y index 345d8d06..3e3abedd 100644 --- a/src/parser.y +++ b/src/parser.y @@ -166,6 +166,8 @@ static void location_update(struct location *loc, struct location *rhs, int n) %token MAP "map" %token HANDLE "handle" +%token INET "inet" + %token ADD "add" %token INSERT "insert" %token DELETE "delete" @@ -180,7 +182,6 @@ static void location_update(struct location *loc, struct location *rhs, int n) %token JUMP "jump" %token GOTO "goto" %token RETURN "return" -%token QUEUE "queue" %token CONSTANT "constant" %token INTERVAL "interval" @@ -284,6 +285,8 @@ static void location_update(struct location *loc, struct location *rhs, int n) %token MH "mh" %token META "meta" +%token NFPROTO "nfproto" +%token L4PROTO "l4proto" %token MARK "mark" %token IIF "iif" %token IIFNAME "iifname" @@ -333,6 +336,13 @@ static void location_update(struct location *loc, struct location *rhs, int n) %token SNAT "snat" %token DNAT "dnat" +%token QUEUE "queue" +%token QUEUENUM "num" +%token QUEUETOTAL "total" +%token QUEUEBYPASS "bypass" +%token QUEUECPUFANOUT "fanout" +%token OPTIONS "options" + %token POSITION "position" %type <string> identifier string @@ -382,6 +392,9 @@ static void location_update(struct location *loc, struct location *rhs, int n) %destructor { stmt_free($$); } reject_stmt %type <stmt> nat_stmt nat_stmt_alloc %destructor { stmt_free($$); } nat_stmt nat_stmt_alloc +%type <stmt> queue_stmt queue_stmt_alloc +%destructor { stmt_free($$); } queue_stmt queue_stmt_alloc +%type <val> queue_flags queue_flag %type <expr> symbol_expr verdict_expr integer_expr %destructor { expr_free($$); } symbol_expr verdict_expr integer_expr @@ -854,6 +867,7 @@ string : STRING family_spec : /* empty */ { $$ = NFPROTO_IPV4; } | IP { $$ = NFPROTO_IPV4; } | IP6 { $$ = NFPROTO_IPV6; } + | INET { $$ = NFPROTO_INET; } | ARP { $$ = NFPROTO_ARP; } | BRIDGE { $$ = NFPROTO_BRIDGE; } ; @@ -963,6 +977,7 @@ stmt : verdict_stmt | limit_stmt | reject_stmt | nat_stmt + | queue_stmt ; verdict_stmt : verdict_expr @@ -1087,6 +1102,57 @@ nat_stmt_args : expr } ; +queue_stmt : queue_stmt_alloc + | queue_stmt_alloc queue_args + ; + +queue_stmt_alloc : QUEUE + { + $$ = queue_stmt_alloc(&@$); + } + ; + +queue_args : queue_arg + { + $<stmt>$ = $<stmt>0; + } + | queue_args queue_arg + ; + +queue_arg : QUEUENUM NUM + { + $<stmt>0->queue.queuenum = $2; + } + | QUEUETOTAL NUM + { + $<stmt>0->queue.queues_total = $2; + } + | OPTIONS queue_flags + { + $<stmt>0->queue.flags = $2; + } + ; + +queue_flags : queue_flag + { + $$ = $1; + } + | queue_flags COMMA queue_flag + { + $$ |= $1 | $3; + } + ; + +queue_flag : QUEUEBYPASS + { + $$ = NFT_QUEUE_FLAG_BYPASS; + } + | QUEUECPUFANOUT + { + $$ = NFT_QUEUE_FLAG_CPU_FANOUT; + } + ; + match_stmt : relational_expr { $$ = expr_stmt_alloc(&@$, $1); @@ -1323,10 +1389,6 @@ verdict_expr : ACCEPT { $$ = verdict_expr_alloc(&@$, NF_DROP, NULL); } - | QUEUE - { - $$ = verdict_expr_alloc(&@$, NF_QUEUE, NULL); - } | CONTINUE { $$ = verdict_expr_alloc(&@$, NFT_CONTINUE, NULL); @@ -1360,6 +1422,8 @@ meta_key : meta_key_qualified ; meta_key_qualified : LENGTH { $$ = NFT_META_LEN; } + | NFPROTO { $$ = NFT_META_NFPROTO; } + | L4PROTO { $$ = NFT_META_L4PROTO; } | PROTOCOL { $$ = NFT_META_PROTOCOL; } | PRIORITY { $$ = NFT_META_PRIORITY; } ; @@ -1435,14 +1499,14 @@ payload_raw_expr : AT payload_base_spec COMMA NUM COMMA NUM } ; -payload_base_spec : LL_HDR { $$ = PAYLOAD_BASE_LL_HDR; } - | NETWORK_HDR { $$ = PAYLOAD_BASE_NETWORK_HDR; } - | TRANSPORT_HDR { $$ = PAYLOAD_BASE_TRANSPORT_HDR; } +payload_base_spec : LL_HDR { $$ = PROTO_BASE_LL_HDR; } + | NETWORK_HDR { $$ = PROTO_BASE_NETWORK_HDR; } + | TRANSPORT_HDR { $$ = PROTO_BASE_TRANSPORT_HDR; } ; eth_hdr_expr : ETHER eth_hdr_field { - $$ = payload_expr_alloc(&@$, &payload_eth, $2); + $$ = payload_expr_alloc(&@$, &proto_eth, $2); } ; @@ -1453,14 +1517,13 @@ eth_hdr_field : SADDR { $$ = ETHHDR_SADDR; } vlan_hdr_expr : VLAN vlan_hdr_field { - $$ = payload_expr_alloc(&@$, &payload_vlan, $2); + $$ = payload_expr_alloc(&@$, &proto_vlan, $2); } | VLAN { - uint16_t data = ETH_P_8021Q; - $$ = constant_expr_alloc(&@$, ðertype_type, - BYTEORDER_HOST_ENDIAN, - sizeof(data) * BITS_PER_BYTE, &data); + $$ = symbol_expr_alloc(&@$, SYMBOL_VALUE, + current_scope(state), + "vlan"); } ; @@ -1472,14 +1535,13 @@ vlan_hdr_field : ID { $$ = VLANHDR_VID; } arp_hdr_expr : ARP arp_hdr_field { - $$ = payload_expr_alloc(&@$, &payload_arp, $2); + $$ = payload_expr_alloc(&@$, &proto_arp, $2); } | ARP { - uint16_t data = ETH_P_ARP; - $$ = constant_expr_alloc(&@$, ðertype_type, - BYTEORDER_HOST_ENDIAN, - sizeof(data) * BITS_PER_BYTE, &data); + $$ = symbol_expr_alloc(&@$, SYMBOL_VALUE, + current_scope(state), + "arp"); } ; @@ -1492,14 +1554,13 @@ arp_hdr_field : HTYPE { $$ = ARPHDR_HRD; } ip_hdr_expr : IP ip_hdr_field { - $$ = payload_expr_alloc(&@$, &payload_ip, $2); + $$ = payload_expr_alloc(&@$, &proto_ip, $2); } | IP { - uint16_t data = ETH_P_IP; - $$ = constant_expr_alloc(&@$, ðertype_type, - BYTEORDER_HOST_ENDIAN, - sizeof(data) * BITS_PER_BYTE, &data); + $$ = symbol_expr_alloc(&@$, SYMBOL_VALUE, + current_scope(state), + "ip"); } ; @@ -1518,7 +1579,7 @@ ip_hdr_field : VERSION { $$ = IPHDR_VERSION; } icmp_hdr_expr : ICMP icmp_hdr_field { - $$ = payload_expr_alloc(&@$, &payload_icmp, $2); + $$ = payload_expr_alloc(&@$, &proto_icmp, $2); } | ICMP { @@ -1540,14 +1601,13 @@ icmp_hdr_field : TYPE { $$ = ICMPHDR_TYPE; } ip6_hdr_expr : IP6 ip6_hdr_field { - $$ = payload_expr_alloc(&@$, &payload_ip6, $2); + $$ = payload_expr_alloc(&@$, &proto_ip6, $2); } | IP6 { - uint16_t data = ETH_P_IPV6; - $$ = constant_expr_alloc(&@$, ðertype_type, - BYTEORDER_HOST_ENDIAN, - sizeof(data) * BITS_PER_BYTE, &data); + $$ = symbol_expr_alloc(&@$, SYMBOL_VALUE, + current_scope(state), + "ip6"); } ; @@ -1562,7 +1622,7 @@ ip6_hdr_field : VERSION { $$ = IP6HDR_VERSION; } ; icmp6_hdr_expr : ICMP6 icmp6_hdr_field { - $$ = payload_expr_alloc(&@$, &payload_icmp6, $2); + $$ = payload_expr_alloc(&@$, &proto_icmp6, $2); } | ICMP6 { @@ -1585,7 +1645,7 @@ icmp6_hdr_field : TYPE { $$ = ICMP6HDR_TYPE; } auth_hdr_expr : AH auth_hdr_field { - $$ = payload_expr_alloc(&@$, &payload_ah, $2); + $$ = payload_expr_alloc(&@$, &proto_ah, $2); } | AH { @@ -1605,7 +1665,7 @@ auth_hdr_field : NEXTHDR { $$ = AHHDR_NEXTHDR; } esp_hdr_expr : ESP esp_hdr_field { - $$ = payload_expr_alloc(&@$, &payload_esp, $2); + $$ = payload_expr_alloc(&@$, &proto_esp, $2); } | ESP { @@ -1622,7 +1682,7 @@ esp_hdr_field : SPI { $$ = ESPHDR_SPI; } comp_hdr_expr : COMP comp_hdr_field { - $$ = payload_expr_alloc(&@$, &payload_comp, $2); + $$ = payload_expr_alloc(&@$, &proto_comp, $2); } | COMP { @@ -1640,7 +1700,7 @@ comp_hdr_field : NEXTHDR { $$ = COMPHDR_NEXTHDR; } udp_hdr_expr : UDP udp_hdr_field { - $$ = payload_expr_alloc(&@$, &payload_udp, $2); + $$ = payload_expr_alloc(&@$, &proto_udp, $2); } | UDP { @@ -1659,7 +1719,7 @@ udp_hdr_field : SPORT { $$ = UDPHDR_SPORT; } udplite_hdr_expr : UDPLITE udplite_hdr_field { - $$ = payload_expr_alloc(&@$, &payload_udplite, $2); + $$ = payload_expr_alloc(&@$, &proto_udplite, $2); } | UDPLITE { @@ -1678,7 +1738,7 @@ udplite_hdr_field : SPORT { $$ = UDPHDR_SPORT; } tcp_hdr_expr : TCP tcp_hdr_field { - $$ = payload_expr_alloc(&@$, &payload_tcp, $2); + $$ = payload_expr_alloc(&@$, &proto_tcp, $2); } | TCP { @@ -1703,7 +1763,7 @@ tcp_hdr_field : SPORT { $$ = TCPHDR_SPORT; } dccp_hdr_expr : DCCP dccp_hdr_field { - $$ = payload_expr_alloc(&@$, &payload_dccp, $2); + $$ = payload_expr_alloc(&@$, &proto_dccp, $2); } | DCCP { @@ -1721,7 +1781,7 @@ dccp_hdr_field : SPORT { $$ = DCCPHDR_SPORT; } sctp_hdr_expr : SCTP sctp_hdr_field { - $$ = payload_expr_alloc(&@$, &payload_sctp, $2); + $$ = payload_expr_alloc(&@$, &proto_sctp, $2); } | SCTP { |