diff options
author | Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com> | 2013-09-04 12:50:19 +0300 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2013-09-04 12:31:17 +0200 |
commit | 108d9f6b3af0f70459fb7ccc1dfc5452d3f3646e (patch) | |
tree | 69f0d49bbc5e8daf02129b47caeee7ea4457d87b /src/parser.y | |
parent | ffad92b5f34d9960d8c6b1c70041b347634a2a76 (diff) |
src: Wrap netfilter hooks around human readable strings
This allows to use unique, human readable, hook names for the command
line and let the user being unaware of the complex netfilter's hook
names and there difference depending on the netfilter family.
So:
add chain foo bar { type route hook NF_INET_LOCAL_IN 0; }
becomes:
add chain foo bar { type route hook input 0; }
It also fixes then the difference in hook values between families.
I.e. ARP family has different values for input, forward and output
compared to IPv4, IPv6 or bridge.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/parser.y')
-rw-r--r-- | src/parser.y | 21 |
1 files changed, 16 insertions, 5 deletions
diff --git a/src/parser.y b/src/parser.y index f0eb8e32..ec78e7fd 100644 --- a/src/parser.y +++ b/src/parser.y @@ -155,7 +155,6 @@ static void location_update(struct location *loc, struct location *rhs, int n) %token DEFINE "define" %token HOOK "hook" -%token <val> HOOKNUM "hooknum" %token TABLE "table" %token TABLES "tables" %token CHAIN "chain" @@ -550,6 +549,7 @@ add_cmd : TABLE table_spec | CHAIN chain_spec chain_block_alloc '{' chain_block '}' { + $5->location = @5; handle_merge(&$3->handle, &$2); close_scope(state); $$ = cmd_alloc(CMD_ADD, CMD_OBJ_CHAIN, &$2, &@$, $5); @@ -667,6 +667,7 @@ table_block : /* empty */ { $$ = $<table>-1; } chain_block_alloc '{' chain_block '}' stmt_seperator { + $4->location = @3; handle_merge(&$4->handle, &$3); handle_free(&$3); close_scope(state); @@ -766,17 +767,27 @@ map_block : /* empty */ { $$ = $<set>-1; } } ; -hook_spec : TYPE STRING HOOK HOOKNUM NUM +hook_spec : TYPE STRING HOOK STRING NUM { $<chain>0->type = $2; - $<chain>0->hooknum = $4; + $<chain>0->hookstr = chain_hookname_lookup($4); + if ($<chain>0->hookstr == NULL) { + erec_queue(error(&@4, "unknown hook name %s", $4), + state->msgs); + YYERROR; + } $<chain>0->priority = $5; $<chain>0->flags |= CHAIN_F_BASECHAIN; } - | TYPE STRING HOOK HOOKNUM DASH NUM + | TYPE STRING HOOK STRING DASH NUM { $<chain>0->type = $2; - $<chain>0->hooknum = $4; + $<chain>0->hookstr = chain_hookname_lookup($4); + if ($<chain>0->hookstr == NULL) { + erec_queue(error(&@4, "unknown hook name %s", $4), + state->msgs); + YYERROR; + } $<chain>0->priority = -$6; $<chain>0->flags |= CHAIN_F_BASECHAIN; } |