diff options
author | Fernando Fernandez Mancera <ffmancera@riseup.net> | 2019-08-02 12:12:10 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-08-08 12:43:10 +0200 |
commit | dba4a9b4b5fe2c4b6929be799fdb9332fc653e1b (patch) | |
tree | 800a99b457f9a37fd7790a8308c0d4ec33809510 /src/parser_json.c | |
parent | 627c451b2351310da9ad82dbdb64747b1fada8e5 (diff) |
src: allow variable in chain policy
This patch allows you to use variables in chain policy definition, e.g.
define default_policy = "accept"
add table ip foo
add chain ip foo bar {type filter hook input priority filter; policy $default_policy}
Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/parser_json.c')
-rw-r--r-- | src/parser_json.c | 17 |
1 files changed, 12 insertions, 5 deletions
diff --git a/src/parser_json.c b/src/parser_json.c index a45234ad..956233b9 100644 --- a/src/parser_json.c +++ b/src/parser_json.c @@ -2530,13 +2530,20 @@ static struct cmd *json_parse_cmd_add_table(struct json_ctx *ctx, json_t *root, return cmd_alloc(op, obj, &h, int_loc, NULL); } -static int parse_policy(const char *policy) +static struct expr *parse_policy(const char *policy) { + int policy_num; + if (!strcmp(policy, "accept")) - return NF_ACCEPT; - if (!strcmp(policy, "drop")) - return NF_DROP; - return -1; + policy_num = NF_ACCEPT; + else if (!strcmp(policy, "drop")) + policy_num = NF_DROP; + else + return NULL; + + return constant_expr_alloc(int_loc, &integer_type, + BYTEORDER_HOST_ENDIAN, + sizeof(int) * BITS_PER_BYTE, &policy_num); } static struct cmd *json_parse_cmd_add_chain(struct json_ctx *ctx, json_t *root, |