diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/parser_bison.y | 2 | ||||
| -rw-r--r-- | src/parser_json.c | 1 | ||||
| -rw-r--r-- | src/rt.c | 5 | ||||
| -rw-r--r-- | src/scanner.l | 1 |
4 files changed, 9 insertions, 0 deletions
diff --git a/src/parser_bison.y b/src/parser_bison.y index 85830d88..32d61b3b 100644 --- a/src/parser_bison.y +++ b/src/parser_bison.y @@ -510,6 +510,7 @@ int nft_lex(void *, void *, void *); %token EXTHDR "exthdr" +%token IPSEC "ipsec" %type <string> identifier type_identifier string comment_spec %destructor { xfree($$); } identifier type_identifier string comment_spec @@ -3830,6 +3831,7 @@ rt_expr : RT rt_key rt_key : CLASSID { $$ = NFT_RT_CLASSID; } | NEXTHOP { $$ = NFT_RT_NEXTHOP4; } | MTU { $$ = NFT_RT_TCPMSS; } + | IPSEC { $$ = NFT_RT_XFRM; } ; ct_expr : CT ct_key diff --git a/src/parser_json.c b/src/parser_json.c index 514bc46b..3f0ab0ac 100644 --- a/src/parser_json.c +++ b/src/parser_json.c @@ -621,6 +621,7 @@ static struct expr *json_parse_rt_expr(struct json_ctx *ctx, { "classid", NFT_RT_CLASSID }, { "nexthop", NFT_RT_NEXTHOP4 }, { "mtu", NFT_RT_TCPMSS }, + { "ipsec", NFT_RT_XFRM }, }; unsigned int i, familyval = NFPROTO_UNSPEC; const char *key, *family = NULL; @@ -79,6 +79,11 @@ const struct rt_template rt_templates[] = { 2 * BITS_PER_BYTE, BYTEORDER_HOST_ENDIAN, false), + [NFT_RT_XFRM] = RT_TEMPLATE("ipsec", + &boolean_type, + BITS_PER_BYTE, + BYTEORDER_HOST_ENDIAN, + false), }; static void rt_expr_print(const struct expr *expr, struct output_ctx *octx) diff --git a/src/scanner.l b/src/scanner.l index 2f45e05b..26e63b9b 100644 --- a/src/scanner.l +++ b/src/scanner.l @@ -554,6 +554,7 @@ addrstring ({macaddr}|{ip4addr}|{ip6addr}) "exthdr" { return EXTHDR; } +"ipsec" { return IPSEC; } {addrstring} { yylval->string = xstrdup(yytext); return STRING; |