diff options
| author | Álvaro Neira Ayuso <alvaroneay@gmail.com> | 2014-06-10 15:26:24 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-06-11 11:14:37 +0200 |
| commit | 27619ffbe503ed4d9e59a02e81db9a7ac49d37af (patch) | |
| tree | d0341b9d56091aa541b6d0240bcf59283315af3c /src | |
| parent | 2874f6f52393495de8b31b6e5222441056fba9eb (diff) | |
queue: More compact syntax
This patch allows to use a new syntax more compact and break
the current syntax. This new syntax is more similar than the nftables
syntax that we use usually. We can use range like we have used in
other case in nftables. Here, we have some examples:
Before, If we want to declare a queue, we have used a syntax like this:
nft add rule test input queue num 1 total 3 options bypass,fanout
If we want to use the queue number 1 and the two next (total 3),
we use a range in the new syntax, for example:
nft add rule test input queue num 1-3 bypass fanout
Also if we want to use only one queue, the new rules are like:
nft add rule test input queue num 1 # queue 1
or
nft add rule test input queue # queue 0
And if we want to add a specific flags we only need to put
what flags we want to use:
nft add rule test input queue bypass
we don't need to use options and the comma for indicating the
flags.
Signed-off-by: Alvaro Neira Ayuso <alvaroneay@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
| -rw-r--r-- | src/netlink_delinearize.c | 9 | ||||
| -rw-r--r-- | src/netlink_linearize.c | 12 | ||||
| -rw-r--r-- | src/parser.y | 48 | ||||
| -rw-r--r-- | src/scanner.l | 2 | ||||
| -rw-r--r-- | src/statement.c | 23 |
5 files changed, 52 insertions, 42 deletions
diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c index ea333085..5c6ca800 100644 --- a/src/netlink_delinearize.c +++ b/src/netlink_delinearize.c @@ -541,11 +541,14 @@ static void netlink_parse_queue(struct netlink_parse_ctx *ctx, const struct nft_rule_expr *nle) { struct stmt *stmt; + uint16_t range_to; stmt = queue_stmt_alloc(loc); - stmt->queue.queuenum = nft_rule_expr_get_u16(nle, NFT_EXPR_QUEUE_NUM); - stmt->queue.queues_total = - nft_rule_expr_get_u16(nle, NFT_EXPR_QUEUE_TOTAL); + stmt->queue.from = nft_rule_expr_get_u16(nle, NFT_EXPR_QUEUE_NUM); + range_to = nft_rule_expr_get_u16(nle, NFT_EXPR_QUEUE_TOTAL); + range_to += stmt->queue.from - 1; + stmt->queue.to = range_to; + stmt->queue.flags = nft_rule_expr_get_u16(nle, NFT_EXPR_QUEUE_FLAGS); list_add_tail(&stmt->list, &ctx->rule->stmts); } diff --git a/src/netlink_linearize.c b/src/netlink_linearize.c index 19153fd7..8db333cc 100644 --- a/src/netlink_linearize.c +++ b/src/netlink_linearize.c @@ -683,15 +683,17 @@ static void netlink_gen_queue_stmt(struct netlink_linearize_ctx *ctx, const struct stmt *stmt) { struct nft_rule_expr *nle; + uint16_t total_queues; nle = alloc_nft_expr("queue"); nft_rule_expr_set_u16(nle, NFT_EXPR_QUEUE_NUM, - stmt->queue.queuenum); - if (stmt->queue.queues_total) { - nft_rule_expr_set_u16(nle, NFT_EXPR_QUEUE_TOTAL, - stmt->queue.queues_total); - } + stmt->queue.from); + + total_queues = stmt->queue.to - stmt->queue.from; + nft_rule_expr_set_u16(nle, NFT_EXPR_QUEUE_TOTAL, + total_queues + 1); + if (stmt->queue.flags) { nft_rule_expr_set_u16(nle, NFT_EXPR_QUEUE_FLAGS, stmt->queue.flags); diff --git a/src/parser.y b/src/parser.y index 38b655d7..3e08e21e 100644 --- a/src/parser.y +++ b/src/parser.y @@ -365,10 +365,8 @@ static int monitor_lookup_event(const char *event) %token QUEUE "queue" %token QUEUENUM "num" -%token QUEUETOTAL "total" %token QUEUEBYPASS "bypass" %token QUEUECPUFANOUT "fanout" -%token OPTIONS "options" %token POSITION "position" %token COMMENT "comment" @@ -425,7 +423,7 @@ static int monitor_lookup_event(const char *event) %destructor { stmt_free($$); } reject_stmt %type <stmt> nat_stmt nat_stmt_alloc %destructor { stmt_free($$); } nat_stmt nat_stmt_alloc -%type <stmt> queue_stmt queue_stmt_alloc +%type <stmt> queue_stmt queue_stmt_alloc queue_range %destructor { stmt_free($$); } queue_stmt queue_stmt_alloc %type <val> queue_flags queue_flag @@ -1438,30 +1436,46 @@ queue_stmt : queue_stmt_alloc | queue_stmt_alloc queue_args ; -queue_stmt_alloc : QUEUE +queue_stmt_alloc : QUEUE { $$ = queue_stmt_alloc(&@$); } ; -queue_args : queue_arg +queue_args : QUEUENUM queue_range queue_flags { - $<stmt>$ = $<stmt>0; + $<stmt>0->queue.from = $2->queue.from; + $<stmt>0->queue.to = $2->queue.to; + $<stmt>0->queue.flags = $3; } - | queue_args queue_arg - ; - -queue_arg : QUEUENUM NUM + | QUEUENUM queue_range { - $<stmt>0->queue.queuenum = $2; + $<stmt>0->queue.from = $2->queue.from; + $<stmt>0->queue.to = $2->queue.to; } - | QUEUETOTAL NUM + | queue_flags { - $<stmt>0->queue.queues_total = $2; + $<stmt>0->queue.flags = $1; } - | OPTIONS queue_flags + ; + +queue_range : NUM { - $<stmt>0->queue.flags = $2; + $<stmt>0->queue.from = $1; + $<stmt>0->queue.to = $1; + $$ = $<stmt>0; + } + | NUM DASH NUM + { + if ($3 < $1) { + erec_queue(error(&@1, + "invalid range %d-%d", + $1, $3), state->msgs); + YYERROR; + } + $<stmt>0->queue.from = $1; + $<stmt>0->queue.to = $3; + $$ = $<stmt>0; } ; @@ -1469,9 +1483,9 @@ queue_flags : queue_flag { $$ = $1; } - | queue_flags COMMA queue_flag + | queue_flags queue_flag { - $$ |= $1 | $3; + $$ |= $1 | $2; } ; diff --git a/src/scanner.l b/src/scanner.l index d8d70ede..73a1a3f1 100644 --- a/src/scanner.l +++ b/src/scanner.l @@ -279,10 +279,8 @@ addrstring ({macaddr}|{ip4addr}|{ip6addr}) "queue" { return QUEUE;} "num" { return QUEUENUM;} -"total" { return QUEUETOTAL;} "bypass" { return QUEUEBYPASS;} "fanout" { return QUEUECPUFANOUT;} -"options" { return OPTIONS;} "limit" { return LIMIT; } "rate" { return RATE; } diff --git a/src/statement.c b/src/statement.c index 3fdd9e2d..2dd3f187 100644 --- a/src/statement.c +++ b/src/statement.c @@ -174,21 +174,14 @@ struct stmt *limit_stmt_alloc(const struct location *loc) static void queue_stmt_print(const struct stmt *stmt) { - int one = 0; - - printf("queue num %u total %u", - stmt->queue.queuenum, stmt->queue.queues_total); - if (stmt->queue.flags) - printf(" options "); - if (stmt->queue.flags & NFT_QUEUE_FLAG_BYPASS) { - printf("bypass"); - one = 1; - } - if (stmt->queue.flags & NFT_QUEUE_FLAG_CPU_FANOUT) { - if (one) - printf (","); - printf("fanout"); - } + printf("queue num %u", + stmt->queue.from); + if (stmt->queue.to && stmt->queue.to != stmt->queue.from) + printf("-%u", stmt->queue.to); + if (stmt->queue.flags & NFT_QUEUE_FLAG_BYPASS) + printf(" bypass"); + if (stmt->queue.flags & NFT_QUEUE_FLAG_CPU_FANOUT) + printf(" fanout"); } |