summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFlorian Westphal <fw@strlen.de>2022-07-06 23:49:21 +0200
committerFlorian Westphal <fw@strlen.de>2022-07-07 00:31:29 +0200
commit45c097c60b3a5a2151fad976a0006048afce869a (patch)
treea148099f1094e838c7163eea83af0e280d9da180
parent6c23bfa512187d509ecc188653a6f232b0695d1d (diff)
scanner: allow prefix in ip6 scope
'ip6 prefix' is valid syntax, so make sure scanner recognizes it also in ip6 context. Also add test case. Fixes: a67fce7ffe7e ("scanner: nat: Move to own scope") Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1619 Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat
-rw-r--r--src/scanner.l2
-rwxr-xr-xtests/shell/testcases/sets/0046netmap_06
-rw-r--r--tests/shell/testcases/sets/dumps/0046netmap_0.nft6
3 files changed, 13 insertions, 1 deletions
diff --git a/src/scanner.l b/src/scanner.l
index 5741261a..1371cd04 100644
--- a/src/scanner.l
+++ b/src/scanner.l
@@ -403,7 +403,7 @@ addrstring ({macaddr}|{ip4addr}|{ip6addr})
}
"log" { scanner_push_start_cond(yyscanner, SCANSTATE_STMT_LOG); return LOG; }
-<SCANSTATE_STMT_LOG,SCANSTATE_STMT_NAT,SCANSTATE_IP>"prefix" { return PREFIX; }
+<SCANSTATE_STMT_LOG,SCANSTATE_STMT_NAT,SCANSTATE_IP,SCANSTATE_IP6>"prefix" { return PREFIX; }
<SCANSTATE_STMT_LOG>{
"snaplen" { return SNAPLEN; }
"queue-threshold" { return QUEUE_THRESHOLD; }
diff --git a/tests/shell/testcases/sets/0046netmap_0 b/tests/shell/testcases/sets/0046netmap_0
index 2804a4a2..60bda401 100755
--- a/tests/shell/testcases/sets/0046netmap_0
+++ b/tests/shell/testcases/sets/0046netmap_0
@@ -8,6 +8,12 @@ EXPECTED="table ip x {
10.141.13.0/24 : 192.168.4.0/24 }
}
}
+ table ip6 x {
+ chain y {
+ type nat hook postrouting priority srcnat; policy accept;
+ snat ip6 prefix to ip6 saddr map { 2001:db8:1111::/64 : 2001:db8:2222::/64 }
+ }
+ }
"
set -e
diff --git a/tests/shell/testcases/sets/dumps/0046netmap_0.nft b/tests/shell/testcases/sets/dumps/0046netmap_0.nft
index e14c3395..5ac6b346 100644
--- a/tests/shell/testcases/sets/dumps/0046netmap_0.nft
+++ b/tests/shell/testcases/sets/dumps/0046netmap_0.nft
@@ -4,3 +4,9 @@ table ip x {
snat ip prefix to ip saddr map { 10.141.11.0/24 : 192.168.2.0/24, 10.141.12.0/24 : 192.168.3.0/24, 10.141.13.0/24 : 192.168.4.0/24 }
}
}
+table ip6 x {
+ chain y {
+ type nat hook postrouting priority srcnat; policy accept;
+ snat ip6 prefix to ip6 saddr map { 2001:db8:1111::/64 : 2001:db8:2222::/64 }
+ }
+}