From 61236968b7a1b4a4986f9a5c9a5e46d3eb70b799 Mon Sep 17 00:00:00 2001 From: Patrick McHardy Date: Tue, 4 Feb 2014 08:09:27 +0000 Subject: parser: evaluate commands immediately after parsing We currently do parsing and evaluation in two seperate stages. This means that if any error occurs during parsing, we won't evaluate the syntactical correct commands and detect possible evaluation errors in them. In order to improve error reporting, change this to evaluate every command as soon as it is fully parsed. With this in place, the ruleset can be fully validated and all errors reported in one step: tests/error.1:6:23-23: Error: syntax error, unexpected newline filter input tcp dport ^ tests/error.1:7:24-26: Error: datatype mismatch, expected internet network service, expression has type Internet protocol filter input tcp dport tcp ~~~~~~~~~ ^^^ tests/error.1:8:24-32: Error: Right hand side of relational expression (==) must be constant filter input tcp dport tcp dport ~~~~~~~~~~^^^^^^^^^ Signed-off-by: Patrick McHardy --- src/main.c | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) (limited to 'src/main.c') diff --git a/src/main.c b/src/main.c index 2320a826..9d505776 100644 --- a/src/main.c +++ b/src/main.c @@ -216,18 +216,12 @@ out: int nft_run(void *scanner, struct parser_state *state, struct list_head *msgs) { - struct eval_ctx ctx; - int ret = 0; + int ret; ret = nft_parse(scanner, state); if (ret != 0 || state->nerrs > 0) return -1; - memset(&ctx, 0, sizeof(ctx)); - ctx.msgs = msgs; - if (evaluate(&ctx, &state->cmds) < 0) - return -1; - return nft_netlink(state, msgs); } -- cgit v1.2.3