From a26d13e2b099d750e5333a563f5d802bf568eb59 Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Mon, 29 Aug 2016 17:16:35 +0200 Subject: parser_bison: allow variable references in set elements definition Andreas reports that he cannot use variables in set definitions: define s-ext-2-int = 10.10.10.10 . 25, 10.10.10.10 . 143 set s-ext-2-int { type ipv4_addr . inet_service elements = { $s-ext-2-int } } This syntax is not correct though, since the curly braces should be placed in the variable definition itself, so we have context to handle this variable as a list of set elements. The correct syntax that works after this patch is: define s-ext-2-int = { 10.10.10.10 . 25, 10.10.10.10 . 143 } table inet forward { set s-ext-2-int { type ipv4_addr . inet_service elements = $s-ext-2-int } } Reported-by: Andreas Hainke Signed-off-by: Pablo Neira Ayuso --- src/parser_bison.y | 12 ++++++++---- tests/shell/testcases/nft-f/0009variable_0 | 23 +++++++++++++++++++++++ 2 files changed, 31 insertions(+), 4 deletions(-) create mode 100755 tests/shell/testcases/nft-f/0009variable_0 diff --git a/src/parser_bison.y b/src/parser_bison.y index a87468e2..aac10dcc 100644 --- a/src/parser_bison.y +++ b/src/parser_bison.y @@ -525,8 +525,8 @@ static void location_update(struct location *loc, struct location *rhs, int n) %type verdict_map_expr verdict_map_list_expr verdict_map_list_member_expr %destructor { expr_free($$); } verdict_map_expr verdict_map_list_expr verdict_map_list_member_expr -%type set_expr set_list_expr set_list_member_expr -%destructor { expr_free($$); } set_expr set_list_expr set_list_member_expr +%type set_expr set_block_expr set_list_expr set_list_member_expr +%destructor { expr_free($$); } set_expr set_block_expr set_list_expr set_list_member_expr %type set_elem_expr set_elem_expr_alloc set_lhs_expr set_rhs_expr %destructor { expr_free($$); } set_elem_expr set_elem_expr_alloc set_lhs_expr set_rhs_expr %type set_elem_expr_stmt set_elem_expr_stmt_alloc @@ -1061,7 +1061,7 @@ set_block : /* empty */ { $$ = $-1; } $1->gc_int = $3 * 1000; $$ = $1; } - | set_block ELEMENTS '=' set_expr + | set_block ELEMENTS '=' set_block_expr { $1->init = $4; $$ = $1; @@ -1069,6 +1069,10 @@ set_block : /* empty */ { $$ = $-1; } | set_block set_mechanism stmt_seperator ; +set_block_expr : set_expr + | variable_expr + ; + set_flag_list : set_flag_list COMMA set_flag { $$ = $1 | $3; @@ -1104,7 +1108,7 @@ map_block : /* empty */ { $$ = $-1; } $1->flags |= $3; $$ = $1; } - | map_block ELEMENTS '=' set_expr + | map_block ELEMENTS '=' set_block_expr { $1->init = $4; $$ = $1; diff --git a/tests/shell/testcases/nft-f/0009variable_0 b/tests/shell/testcases/nft-f/0009variable_0 new file mode 100755 index 00000000..4d387074 --- /dev/null +++ b/tests/shell/testcases/nft-f/0009variable_0 @@ -0,0 +1,23 @@ +#!/bin/bash + +set -e + +tmpfile=$(mktemp) +if [ ! -w $tmpfile ] ; then + echo "Failed to create tmp file" >&2 + exit 0 +fi + +trap "rm -rf $tmpfile" EXIT # cleanup if aborted + +RULESET="define concat-set-variable = { 10.10.10.10 . 25, 10.10.10.10 . 143 } + +table inet forward { + set concat-set-variable { + type ipv4_addr . inet_service + elements = \$concat-set-variable + } +}" + +echo "$RULESET" > $tmpfile +$NFT -f $tmpfile -- cgit v1.2.3