summaryrefslogtreecommitdiffstats
path: root/src/scanner.l
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2017-10-09 01:40:36 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2017-10-09 14:12:04 +0200
commitfd513de78bc0133f6ba61087be168e2a8d067107 (patch)
tree3466acbf9f966d902c599cdbe040578803b15a7a /src/scanner.l
parent22d2010109193e6ee201d7cd4e8aaf5cda4539a0 (diff)
scanner: IPv4-Mapped IPv6 addresses support
The scanner rejects IPv4-Mapped IPv6 addresses, eg. # cat test #!/usr/sbin/nft -f flush ruleset table inet global { set blackhole_ipv6 { type ipv6_addr flags interval elements = { ::ffff:0.0.0.0/96 } } } # nft -f test test:8:30-38: Error: syntax error, unexpected string, expecting comma or '}' elements = { ::ffff:0.0.0.0/96 } ^^^^^^^^^^ According to RFC4291, Sect. 2.5.5.2. IPv4-Mapped IPv6 Address: | 80 bits | 16 | 32 bits | +--------------------------------------+--------------------------+ |0000..............................0000|FFFF| IPv4 address | +--------------------------------------+----+---------------------+ Update scanner bits to parse this. Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1188 Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/scanner.l')
-rw-r--r--src/scanner.l3
1 files changed, 2 insertions, 1 deletions
diff --git a/src/scanner.l b/src/scanner.l
index 186fb47e..59407366 100644
--- a/src/scanner.l
+++ b/src/scanner.l
@@ -160,7 +160,8 @@ v63 ({v630}|{v631}|{v632}|{v633})
v620 ((:)((:{hex4}){2}))
v621 ((({hex4}:){1})((:{hex4}){1}))
v622 ((({hex4}:){2})(:))
-v62 ({v620}|{v621}|{v622})
+v62_rfc4291 ((:)(:[fF]{4})(:{ip4addr}))
+v62 ({v620}|{v621}|{v622}|{v62_rfc4291})
v610 ((:)(:{hex4}{1}))
v611 ((({hex4}:){1})(:))
v61 ({v610}|{v611})