diff options
author | Phil Sutter <phil@nwl.cc> | 2021-07-23 14:34:34 +0200 |
---|---|---|
committer | Phil Sutter <phil@nwl.cc> | 2022-03-01 10:54:03 +0100 |
commit | 232f2c3287fc780f31c076767799afc08d34cf02 (patch) | |
tree | 3a670c622da6caafb7cee457b9f81797b1dbea85 | |
parent | 26b536538ac82f603932dc23f41bc5581ebc5d73 (diff) |
scanner: synproxy: Move to own scope
Quite a few keywords are shared with PARSER_SC_TCP.
Signed-off-by: Phil Sutter <phil@nwl.cc>
-rw-r--r-- | include/parser.h | 1 | ||||
-rw-r--r-- | src/parser_bison.y | 15 | ||||
-rw-r--r-- | src/scanner.l | 20 |
3 files changed, 22 insertions, 14 deletions
diff --git a/include/parser.h b/include/parser.h index 16e02a1f..0e75bad4 100644 --- a/include/parser.h +++ b/include/parser.h @@ -55,6 +55,7 @@ enum startcond_type { PARSER_SC_EXPR_SOCKET, PARSER_SC_STMT_LOG, + PARSER_SC_STMT_SYNPROXY, }; struct mnl_socket; diff --git a/src/parser_bison.y b/src/parser_bison.y index 8a1081a0..0fc8e855 100644 --- a/src/parser_bison.y +++ b/src/parser_bison.y @@ -954,6 +954,7 @@ close_scope_socket : { scanner_pop_start_cond(nft->scanner, PARSER_SC_EXPR_SOCKE close_scope_tcp : { scanner_pop_start_cond(nft->scanner, PARSER_SC_TCP); }; close_scope_log : { scanner_pop_start_cond(nft->scanner, PARSER_SC_STMT_LOG); } +close_scope_synproxy : { scanner_pop_start_cond(nft->scanner, PARSER_SC_STMT_SYNPROXY); } common_block : INCLUDE QUOTED_STRING stmt_separator { @@ -1154,11 +1155,11 @@ add_cmd : TABLE table_spec { $$ = cmd_alloc(CMD_ADD, CMD_OBJ_SECMARK, &$2, &@$, $3); } - | SYNPROXY obj_spec synproxy_obj synproxy_config + | SYNPROXY obj_spec synproxy_obj synproxy_config close_scope_synproxy { $$ = cmd_alloc(CMD_ADD, CMD_OBJ_SYNPROXY, &$2, &@$, $3); } - | SYNPROXY obj_spec synproxy_obj '{' synproxy_block '}' + | SYNPROXY obj_spec synproxy_obj '{' synproxy_block '}' close_scope_synproxy { $$ = cmd_alloc(CMD_ADD, CMD_OBJ_SYNPROXY, &$2, &@$, $3); } @@ -1255,7 +1256,7 @@ create_cmd : TABLE table_spec { $$ = cmd_alloc(CMD_CREATE, CMD_OBJ_SECMARK, &$2, &@$, $3); } - | SYNPROXY obj_spec synproxy_obj synproxy_config + | SYNPROXY obj_spec synproxy_obj synproxy_config close_scope_synproxy { $$ = cmd_alloc(CMD_CREATE, CMD_OBJ_SYNPROXY, &$2, &@$, $3); } @@ -1344,7 +1345,7 @@ delete_cmd : TABLE table_or_id_spec { $$ = cmd_alloc(CMD_DELETE, CMD_OBJ_SECMARK, &$2, &@$, NULL); } - | SYNPROXY obj_or_id_spec + | SYNPROXY obj_or_id_spec close_scope_synproxy { $$ = cmd_alloc(CMD_DELETE, CMD_OBJ_SYNPROXY, &$2, &@$, NULL); } @@ -1440,7 +1441,7 @@ list_cmd : TABLE table_spec { $$ = cmd_alloc(CMD_LIST, CMD_OBJ_SYNPROXYS, &$3, &@$, NULL); } - | SYNPROXY obj_spec + | SYNPROXY obj_spec close_scope_synproxy { $$ = cmd_alloc(CMD_LIST, CMD_OBJ_SYNPROXY, &$2, &@$, NULL); } @@ -1796,7 +1797,7 @@ table_block : /* empty */ { $$ = $<table>-1; } } | table_block SYNPROXY obj_identifier obj_block_alloc '{' synproxy_block '}' - stmt_separator + stmt_separator close_scope_synproxy { $4->location = @3; $4->type = NFT_OBJECT_SYNPROXY; @@ -2831,7 +2832,7 @@ stmt : verdict_stmt | fwd_stmt | set_stmt | map_stmt - | synproxy_stmt + | synproxy_stmt close_scope_synproxy | chain_stmt | optstrip_stmt ; diff --git a/src/scanner.l b/src/scanner.l index 95dcd033..01cb501c 100644 --- a/src/scanner.l +++ b/src/scanner.l @@ -221,6 +221,7 @@ addrstring ({macaddr}|{ip4addr}|{ip6addr}) %s SCANSTATE_EXPR_SOCKET %s SCANSTATE_STMT_LOG +%s SCANSTATE_STMT_SYNPROXY %% @@ -492,6 +493,9 @@ addrstring ({macaddr}|{ip4addr}|{ip6addr}) "sack1" { return SACK1; } "sack2" { return SACK2; } "sack3" { return SACK3; } + "sack-permitted" { return SACK_PERM; } + "sack-perm" { return SACK_PERM; } + "timestamp" { return TIMESTAMP; } "fastopen" { return FASTOPEN; } "mptcp" { return MPTCP; } "md5sig" { return MD5SIG; } @@ -508,11 +512,6 @@ addrstring ({macaddr}|{ip4addr}|{ip6addr}) "option" { return OPTION; } } "time" { return TIME; } -"maxseg" { return MSS; } -"mss" { return MSS; } -"sack-permitted" { return SACK_PERM; } -"sack-perm" { return SACK_PERM; } -"timestamp" { return TIMESTAMP; } "icmp" { scanner_push_start_cond(yyscanner, SCANSTATE_ICMP); return ICMP; } "icmpv6" { scanner_push_start_cond(yyscanner, SCANSTATE_ICMP); return ICMP6; } @@ -694,8 +693,15 @@ addrstring ({macaddr}|{ip4addr}|{ip6addr}) "osf" { return OSF; } -"synproxy" { return SYNPROXY; } -"wscale" { return WSCALE; } +"synproxy" { scanner_push_start_cond(yyscanner, SCANSTATE_STMT_SYNPROXY); return SYNPROXY; } +<SCANSTATE_STMT_SYNPROXY>{ + "wscale" { return WSCALE; } + "maxseg" { return MSS; } + "mss" { return MSS; } + "timestamp" { return TIMESTAMP; } + "sack-permitted" { return SACK_PERM; } + "sack-perm" { return SACK_PERM; } +} "notrack" { return NOTRACK; } |