From fde8ddfc31bbc4015e8a76b40cc7e27bcd7920ff Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Sat, 17 Mar 2018 10:39:27 +0100 Subject: Combine redir and masq statements into nat All these statements are very similar, handling them with the same code is obvious. The only thing required here is a custom extension of enum nft_nat_types which is used in nat_stmt to distinguish between snat and dnat already. Though since enum nft_nat_types is part of kernel uAPI, create a local extended version containing the additional fields. Note that nat statement printing got a bit more complicated to get the number of spaces right for every possible combination of attributes. Note also that there wasn't a case for STMT_MASQ in rule_parse_postprocess(), which seems like a bug. Since STMT_MASQ became just a variant of STMT_NAT, postprocessing will take place for it now anyway. Signed-off-by: Phil Sutter Signed-off-by: Pablo Neira Ayuso --- src/parser_bison.y | 38 +++++++++++++++----------------------- 1 file changed, 15 insertions(+), 23 deletions(-) (limited to 'src/parser_bison.y') diff --git a/src/parser_bison.y b/src/parser_bison.y index 9c143832..f1617eea 100644 --- a/src/parser_bison.y +++ b/src/parser_bison.y @@ -2417,16 +2417,8 @@ reject_opts : /* empty */ nat_stmt : nat_stmt_alloc nat_stmt_args ; -nat_stmt_alloc : SNAT - { - $$ = nat_stmt_alloc(&@$); - $$->nat.type = NFT_NAT_SNAT; - } - | DNAT - { - $$ = nat_stmt_alloc(&@$); - $$->nat.type = NFT_NAT_DNAT; - } +nat_stmt_alloc : SNAT { $$ = nat_stmt_alloc(&@$, NFT_NAT_SNAT); } + | DNAT { $$ = nat_stmt_alloc(&@$, NFT_NAT_DNAT); } ; primary_stmt_expr : symbol_expr { $$ = $1; } @@ -2576,21 +2568,21 @@ masq_stmt : masq_stmt_alloc masq_stmt_args | masq_stmt_alloc ; -masq_stmt_alloc : MASQUERADE { $$ = masq_stmt_alloc(&@$); } +masq_stmt_alloc : MASQUERADE { $$ = nat_stmt_alloc(&@$, NFT_NAT_MASQ); } ; masq_stmt_args : TO COLON stmt_expr { - $0->masq.proto = $3; + $0->nat.proto = $3; } | TO COLON stmt_expr nf_nat_flags { - $0->masq.proto = $3; - $0->masq.flags = $4; + $0->nat.proto = $3; + $0->nat.flags = $4; } | nf_nat_flags { - $0->masq.flags = $1; + $0->nat.flags = $1; } ; @@ -2598,30 +2590,30 @@ redir_stmt : redir_stmt_alloc redir_stmt_arg | redir_stmt_alloc ; -redir_stmt_alloc : REDIRECT { $$ = redir_stmt_alloc(&@$); } +redir_stmt_alloc : REDIRECT { $$ = nat_stmt_alloc(&@$, NFT_NAT_REDIR); } ; redir_stmt_arg : TO stmt_expr { - $0->redir.proto = $2; + $0->nat.proto = $2; } | TO COLON stmt_expr { - $0->redir.proto = $3; + $0->nat.proto = $3; } | nf_nat_flags { - $0->redir.flags = $1; + $0->nat.flags = $1; } | TO stmt_expr nf_nat_flags { - $0->redir.proto = $2; - $0->redir.flags = $3; + $0->nat.proto = $2; + $0->nat.flags = $3; } | TO COLON stmt_expr nf_nat_flags { - $0->redir.proto = $3; - $0->redir.flags = $4; + $0->nat.proto = $3; + $0->nat.flags = $4; } ; -- cgit v1.2.3