summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/evaluate.c4
-rw-r--r--src/parser_bison.y2
-rw-r--r--src/parser_json.c2
-rw-r--r--src/scanner.l1
-rw-r--r--src/socket.c6
5 files changed, 14 insertions, 1 deletions
diff --git a/src/evaluate.c b/src/evaluate.c
index 320a464f..8f133ea8 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -1998,9 +1998,11 @@ static int expr_evaluate_meta(struct eval_ctx *ctx, struct expr **exprp)
static int expr_evaluate_socket(struct eval_ctx *ctx, struct expr **expr)
{
+ enum nft_socket_keys key = (*expr)->socket.key;
int maxval = 0;
- if((*expr)->socket.key == NFT_SOCKET_TRANSPARENT)
+ if (key == NFT_SOCKET_TRANSPARENT ||
+ key == NFT_SOCKET_WILDCARD)
maxval = 1;
__expr_set_context(&ctx->ectx, (*expr)->dtype, (*expr)->byteorder,
(*expr)->len, maxval);
diff --git a/src/parser_bison.y b/src/parser_bison.y
index 95adc48f..d938f566 100644
--- a/src/parser_bison.y
+++ b/src/parser_bison.y
@@ -213,6 +213,7 @@ int nft_lex(void *, void *, void *);
%token SOCKET "socket"
%token TRANSPARENT "transparent"
+%token WILDCARD "wildcard"
%token TPROXY "tproxy"
@@ -4595,6 +4596,7 @@ socket_expr : SOCKET socket_key
socket_key : TRANSPARENT { $$ = NFT_SOCKET_TRANSPARENT; }
| MARK { $$ = NFT_SOCKET_MARK; }
+ | WILDCARD { $$ = NFT_SOCKET_WILDCARD; }
;
offset_opt : /* empty */ { $$ = 0; }
diff --git a/src/parser_json.c b/src/parser_json.c
index 59347168..ac89166e 100644
--- a/src/parser_json.c
+++ b/src/parser_json.c
@@ -427,6 +427,8 @@ static struct expr *json_parse_socket_expr(struct json_ctx *ctx,
keyval = NFT_SOCKET_TRANSPARENT;
else if (!strcmp(key, "mark"))
keyval = NFT_SOCKET_MARK;
+ else if (!strcmp(key, "wildcard"))
+ keyval = NFT_SOCKET_WILDCARD;
if (keyval == -1) {
json_error(ctx, "Invalid socket key value.");
diff --git a/src/scanner.l b/src/scanner.l
index 45699c85..9e6464f9 100644
--- a/src/scanner.l
+++ b/src/scanner.l
@@ -268,6 +268,7 @@ addrstring ({macaddr}|{ip4addr}|{ip6addr})
"socket" { return SOCKET; }
"transparent" { return TRANSPARENT;}
+"wildcard" { return WILDCARD; }
"tproxy" { return TPROXY; }
diff --git a/src/socket.c b/src/socket.c
index d78a163a..673e5d0f 100644
--- a/src/socket.c
+++ b/src/socket.c
@@ -26,6 +26,12 @@ const struct socket_template socket_templates[] = {
.len = 4 * BITS_PER_BYTE,
.byteorder = BYTEORDER_HOST_ENDIAN,
},
+ [NFT_SOCKET_WILDCARD] = {
+ .token = "wildcard",
+ .dtype = &integer_type,
+ .len = BITS_PER_BYTE,
+ .byteorder = BYTEORDER_HOST_ENDIAN,
+ },
};
static void socket_expr_print(const struct expr *expr, struct output_ctx *octx)