summaryrefslogtreecommitdiffstats
path: root/src/evaluate.c
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2016-03-14 19:40:29 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>2016-03-14 20:43:50 +0100
commitcb98800c49eb3e79674778f87694bd5f5d00dd4d (patch)
tree9326dffceaad08200338c3dc2622919564a90a15 /src/evaluate.c
parentf712d8db62b2974f69ffe968bae932f0fa3e966a (diff)
evaluate: use table_lookup_global() from expr_evaluate_symbol()
If there's already a table 'test' defined in the kernel and you load another table 'test' via `nft -f', table_lookup() returns the table that already exists in the kernel, so if you look up for objects that are defined in the file, nft bails out with 'Set does not exist'. Use table_lookup_global() function returns the existing table that is defined in the file and that it is set as context via ctx->handle->table. This is not a complete fix, we should splice the existing kernel objects into the userspace declaration. We just need some way to identify what objects are already in the kernel so we don't send them again (otherwise we will hit EEXIST errors). I'll follow up with this full fix asap. Anyway, this patch fixes this shell test: I: [OK] ./testcases/sets/cache_handling_0 So at least by now we have all shell test returning OK. I'll add more tests to catch the case I describe above once it is fixed too. Cc: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/evaluate.c')
-rw-r--r--src/evaluate.c30
1 files changed, 15 insertions, 15 deletions
diff --git a/src/evaluate.c b/src/evaluate.c
index be6ae593..473f014d 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -155,6 +155,20 @@ static int byteorder_conversion(struct eval_ctx *ctx, struct expr **expr,
return 0;
}
+static struct table *table_lookup_global(struct eval_ctx *ctx)
+{
+ struct table *table;
+
+ if (ctx->table != NULL)
+ return ctx->cmd->table;
+
+ table = table_lookup(&ctx->cmd->handle);
+ if (table == NULL)
+ return NULL;
+
+ return table;
+}
+
/*
* Symbol expression: parse symbol and evaluate resulting expression.
*/
@@ -189,7 +203,7 @@ static int expr_evaluate_symbol(struct eval_ctx *ctx, struct expr **expr)
if (ret < 0)
return ret;
- table = table_lookup(&ctx->cmd->handle);
+ table = table_lookup_global(ctx);
if (table == NULL)
return cmd_error(ctx, "Could not process rule: Table '%s' does not exist",
ctx->cmd->handle.table);
@@ -2073,20 +2087,6 @@ int stmt_evaluate(struct eval_ctx *ctx, struct stmt *stmt)
}
}
-static struct table *table_lookup_global(struct eval_ctx *ctx)
-{
- struct table *table;
-
- if (ctx->table != NULL)
- return ctx->cmd->table;
-
- table = table_lookup(&ctx->cmd->handle);
- if (table == NULL)
- return NULL;
-
- return table;
-}
-
static int setelem_evaluate(struct eval_ctx *ctx, struct expr **expr)
{
struct table *table;