diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-03-15 19:38:59 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-03-15 19:46:06 +0100 |
commit | 78e0a06b51d71288cbb5dbe5a3bae2c7ff97d862 (patch) | |
tree | b37984c437edf2a9a129b448d5b61cbcb1e9ea28 /src | |
parent | c5ecdbf752ce0505a6696489d6df03b88cb56b0a (diff) |
src: update dynamic set updates from packet path syntax
New prefered syntax is:
{add,update} set { key } @name
# nft list ruleset
table ip x {
set y {
type ipv4_addr
}
chain y {
ip protocol tcp add set { ip saddr} @y
}
}
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
-rw-r--r-- | src/parser_bison.y | 7 | ||||
-rw-r--r-- | src/statement.c | 4 |
2 files changed, 9 insertions, 2 deletions
diff --git a/src/parser_bison.y b/src/parser_bison.y index 6fba7e59..e5573a20 100644 --- a/src/parser_bison.y +++ b/src/parser_bison.y @@ -2713,6 +2713,13 @@ set_stmt : SET set_stmt_op set_elem_expr_stmt symbol_expr $$->set.key = $3; $$->set.set = $4; } + | set_stmt_op SET '{' set_elem_expr_stmt '}' symbol_expr + { + $$ = set_stmt_alloc(&@$); + $$->set.op = $1; + $$->set.key = $4; + $$->set.set = $6; + } ; set_stmt_op : ADD { $$ = NFT_DYNSET_OP_ADD; } diff --git a/src/statement.c b/src/statement.c index 61ba643b..41fa24f1 100644 --- a/src/statement.c +++ b/src/statement.c @@ -615,9 +615,9 @@ static const char * const set_stmt_op_names[] = { static void set_stmt_print(const struct stmt *stmt, struct output_ctx *octx) { - nft_print(octx, "set %s ", set_stmt_op_names[stmt->set.op]); + nft_print(octx, "%s set { ", set_stmt_op_names[stmt->set.op]); expr_print(stmt->set.key, octx); - nft_print(octx, " "); + nft_print(octx, "} "); expr_print(stmt->set.set, octx); } |