diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-08-24 16:45:06 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-08-25 14:21:56 +0200 |
commit | fd33d964a94063d7af6f1713350df980cf440503 (patch) | |
tree | 6421d4b11926d51f0cc91ad26d17f4faabb3f3a1 /src/parser_bison.y | |
parent | e0f8c894982a57cb1772640715737c7477e7ef8d (diff) |
src: create element command
This patch adds the create command, that send the NLM_F_EXCL flag so
nf_tables bails out if the element already exists, eg.
# nft add element x y { 1.1.1.1 }
# nft create element x y { 1.1.1.1 }
<cmdline>:1:1-31: Error: Could not process rule: File exists
create element x y { 1.1.1.1 }
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
This update requires nf_tables kernel patches to honor the NLM_F_EXCL.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/parser_bison.y')
-rw-r--r-- | src/parser_bison.y | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/parser_bison.y b/src/parser_bison.y index 5d5ce8c6..8c0f625c 100644 --- a/src/parser_bison.y +++ b/src/parser_bison.y @@ -788,6 +788,10 @@ create_cmd : TABLE table_spec handle_merge(&$3->handle, &$2); $$ = cmd_alloc(CMD_CREATE, CMD_OBJ_SET, &$2, &@$, $5); } + | ELEMENT set_spec set_expr + { + $$ = cmd_alloc(CMD_CREATE, CMD_OBJ_SETELEM, &$2, &@$, $3); + } ; insert_cmd : RULE rule_position rule |