diff options
author | Phil Sutter <phil@nwl.cc> | 2021-07-30 17:20:27 +0200 |
---|---|---|
committer | Phil Sutter <phil@nwl.cc> | 2022-03-01 10:54:03 +0100 |
commit | 578467c10f0ec10faf456cec529c2af14fc81495 (patch) | |
tree | db8f9c484232b4708c4c0548aa924c57138ef248 | |
parent | a16697097e2bb20061cdd659f48def6ada0c6701 (diff) |
scanner: policy: move to own scope
Isolate 'performance' and 'memory' keywords.
Signed-off-by: Phil Sutter <phil@nwl.cc>
-rw-r--r-- | include/parser.h | 1 | ||||
-rw-r--r-- | src/parser_bison.y | 7 | ||||
-rw-r--r-- | src/scanner.l | 9 |
3 files changed, 11 insertions, 6 deletions
diff --git a/include/parser.h b/include/parser.h index 57f1fcc5..79eadc0d 100644 --- a/include/parser.h +++ b/include/parser.h @@ -40,6 +40,7 @@ enum startcond_type { PARSER_SC_IP, PARSER_SC_IP6, PARSER_SC_LIMIT, + PARSER_SC_POLICY, PARSER_SC_QUOTA, PARSER_SC_SCTP, PARSER_SC_SECMARK, diff --git a/src/parser_bison.y b/src/parser_bison.y index f75fe4ae..2d419287 100644 --- a/src/parser_bison.y +++ b/src/parser_bison.y @@ -957,6 +957,7 @@ close_scope_mh : { scanner_pop_start_cond(nft->scanner, PARSER_SC_EXPR_MH); }; close_scope_monitor : { scanner_pop_start_cond(nft->scanner, PARSER_SC_CMD_MONITOR); }; close_scope_numgen : { scanner_pop_start_cond(nft->scanner, PARSER_SC_EXPR_NUMGEN); }; close_scope_osf : { scanner_pop_start_cond(nft->scanner, PARSER_SC_EXPR_OSF); }; +close_scope_policy : { scanner_pop_start_cond(nft->scanner, PARSER_SC_POLICY); }; close_scope_quota : { scanner_pop_start_cond(nft->scanner, PARSER_SC_QUOTA); }; close_scope_queue : { scanner_pop_start_cond(nft->scanner, PARSER_SC_EXPR_QUEUE); }; close_scope_reject : { scanner_pop_start_cond(nft->scanner, PARSER_SC_STMT_REJECT); }; @@ -2101,7 +2102,7 @@ map_block : /* empty */ { $$ = $<set>-1; } | map_block set_mechanism stmt_separator ; -set_mechanism : POLICY set_policy_spec +set_mechanism : POLICY set_policy_spec close_scope_policy { $<set>0->policy = $2; } @@ -2519,7 +2520,7 @@ flags_spec : FLAGS OFFLOAD close_scope_flags } ; -policy_spec : POLICY policy_expr +policy_spec : POLICY policy_expr close_scope_policy { if ($<chain>0->policy) { erec_queue(error(&@$, "you cannot set chain policy twice"), @@ -4567,7 +4568,7 @@ ct_timeout_config : PROTOCOL ct_l4protoname stmt_separator ct = &$<obj>0->ct_timeout; ct->l4proto = l4proto; } - | POLICY '=' '{' timeout_states '}' stmt_separator + | POLICY '=' '{' timeout_states '}' stmt_separator close_scope_policy { struct ct_timeout *ct; diff --git a/src/scanner.l b/src/scanner.l index 608471b3..b885f845 100644 --- a/src/scanner.l +++ b/src/scanner.l @@ -206,6 +206,7 @@ addrstring ({macaddr}|{ip4addr}|{ip6addr}) %s SCANSTATE_IP %s SCANSTATE_IP6 %s SCANSTATE_LIMIT +%s SCANSTATE_POLICY %s SCANSTATE_QUOTA %s SCANSTATE_SCTP %s SCANSTATE_SECMARK @@ -370,10 +371,12 @@ addrstring ({macaddr}|{ip4addr}|{ip6addr}) "elements" { return ELEMENTS; } "expires" { return EXPIRES; } -"policy" { return POLICY; } +"policy" { scanner_push_start_cond(yyscanner, SCANSTATE_POLICY); return POLICY; } "size" { return SIZE; } -"performance" { return PERFORMANCE; } -"memory" { return MEMORY; } +<SCANSTATE_POLICY>{ + "performance" { return PERFORMANCE; } + "memory" { return MEMORY; } +} "flow" { return FLOW; } "offload" { return OFFLOAD; } |