From 25e195a561854f983c0696c7fe8c4a65bec7475b Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Tue, 14 Jan 2014 12:07:44 +0100 Subject: scanner: rename address selector from 'eth' to 'ether' eth may easily occur when using ifname masks. This could be also fixed by interpreting 'eth' as a simple string in the parser but I think this selector also looks more similar to what we use in tcpdump. Signed-off-by: Pablo Neira Ayuso --- src/parser.y | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'src/parser.y') diff --git a/src/parser.y b/src/parser.y index 26e71e37..461eb3f9 100644 --- a/src/parser.y +++ b/src/parser.y @@ -193,7 +193,7 @@ static void location_update(struct location *loc, struct location *rhs, int n) %token BRIDGE "bridge" -%token ETH "eth" +%token ETHER "ether" %token SADDR "saddr" %token DADDR "daddr" %token TYPE "type" @@ -1392,7 +1392,7 @@ payload_base_spec : LL_HDR { $$ = PAYLOAD_BASE_LL_HDR; } | TRANSPORT_HDR { $$ = PAYLOAD_BASE_TRANSPORT_HDR; } ; -eth_hdr_expr : ETH eth_hdr_field +eth_hdr_expr : ETHER eth_hdr_field { $$ = payload_expr_alloc(&@$, &payload_eth, $2); } -- cgit v1.2.3 From 76482c13d0d04759e2982578a5477ef6fd180d90 Mon Sep 17 00:00:00 2001 From: Patrick McHardy Date: Wed, 15 Jan 2014 11:11:10 +0000 Subject: expr: remove secmark from ct and meta expression The secctx should be used instead of the secmark. Remove for now. Signed-off-by: Patrick McHardy --- src/parser.y | 3 --- 1 file changed, 3 deletions(-) (limited to 'src/parser.y') diff --git a/src/parser.y b/src/parser.y index 461eb3f9..86dfe3e8 100644 --- a/src/parser.y +++ b/src/parser.y @@ -291,7 +291,6 @@ static void location_update(struct location *loc, struct location *rhs, int n) %token SKGID "skgid" %token NFTRACE "nftrace" %token RTCLASSID "rtclassid" -%token SECMARK "secmark" %token CT "ct" %token DIRECTION "direction" @@ -1329,7 +1328,6 @@ meta_key : LENGTH { $$ = NFT_META_LEN; } | SKGID { $$ = NFT_META_SKGID; } | NFTRACE { $$ = NFT_META_NFTRACE; } | RTCLASSID { $$ = NFT_META_RTCLASSID; } - | SECMARK { $$ = NFT_META_SECMARK; } ; meta_stmt : META meta_key SET expr @@ -1348,7 +1346,6 @@ ct_key : STATE { $$ = NFT_CT_STATE; } | DIRECTION { $$ = NFT_CT_DIRECTION; } | STATUS { $$ = NFT_CT_STATUS; } | MARK { $$ = NFT_CT_MARK; } - | SECMARK { $$ = NFT_CT_SECMARK; } | EXPIRATION { $$ = NFT_CT_EXPIRATION; } | HELPER { $$ = NFT_CT_HELPER; } | L3PROTOCOL { $$ = NFT_CT_L3PROTOCOL; } -- cgit v1.2.3 From 24879f1173e5778cc76507ae17df0cadb78e21a0 Mon Sep 17 00:00:00 2001 From: Patrick McHardy Date: Wed, 15 Jan 2014 07:35:20 +0000 Subject: meta: don't require "meta" keyword for a subset of meta expressions Don't require the meta keyword for mark, iif, oif, iifname, oifname, skuid, skgid, nftrace, rtclassid and secmark. The protocol and length types still need the meta keyword to avoid grammar conflicts. Signed-off-by: Patrick McHardy Conflicts: src/parser.y --- src/parser.y | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) (limited to 'src/parser.y') diff --git a/src/parser.y b/src/parser.y index 86dfe3e8..038282ec 100644 --- a/src/parser.y +++ b/src/parser.y @@ -450,7 +450,7 @@ static void location_update(struct location *loc, struct location *rhs, int n) %type meta_expr %destructor { expr_free($$); } meta_expr -%type meta_key +%type meta_key meta_key_qualified meta_key_unqualified %type ct_expr %destructor { expr_free($$); } ct_expr @@ -1312,12 +1312,22 @@ meta_expr : META meta_key { $$ = meta_expr_alloc(&@$, $2); } + | meta_key_unqualified + { + $$ = meta_expr_alloc(&@$, $1); + } + ; + +meta_key : meta_key_qualified + | meta_key_unqualified ; -meta_key : LENGTH { $$ = NFT_META_LEN; } +meta_key_qualified : LENGTH { $$ = NFT_META_LEN; } | PROTOCOL { $$ = NFT_META_PROTOCOL; } | PRIORITY { $$ = NFT_META_PRIORITY; } - | MARK { $$ = NFT_META_MARK; } + ; + +meta_key_unqualified : MARK { $$ = NFT_META_MARK; } | IIF { $$ = NFT_META_IIF; } | IIFNAME { $$ = NFT_META_IIFNAME; } | IIFTYPE { $$ = NFT_META_IIFTYPE; } @@ -1334,6 +1344,10 @@ meta_stmt : META meta_key SET expr { $$ = meta_stmt_alloc(&@$, $2, $4); } + | meta_key_unqualified SET expr + { + $$ = meta_stmt_alloc(&@$, $1, $3); + } ; ct_expr : CT ct_key -- cgit v1.2.3