From 2b1a0db97d40b1b9d9240ac0bb0cc771eb359516 Mon Sep 17 00:00:00 2001
From: Liping Zhang <liping.zhang@spreadtrum.com>
Date: Thu, 22 Sep 2016 22:34:52 +0800
Subject: src: support ct l3proto/protocol without direction syntax

Acctually, ct l3proto and ct protocol are unrelated to direction, so
it's unnecessary that we must specify dir if we want to use them.

Now add support that we can match ct l3proto/protocol without direction:
  # nft add rule filter input ct l3proto ipv4
  # nft add rule filter output ct protocol 17

Note: existing syntax is still preserved, so "ct reply l3proto ipv6"
is still fine.

Signed-off-by: Liping Zhang <liping.zhang@spreadtrum.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/parser_bison.y | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'src/parser_bison.y')

diff --git a/src/parser_bison.y b/src/parser_bison.y
index aac10dcc..36dbc8d8 100644
--- a/src/parser_bison.y
+++ b/src/parser_bison.y
@@ -2513,6 +2513,8 @@ ct_key			:	STATE		{ $$ = NFT_CT_STATE; }
 			|	EXPIRATION	{ $$ = NFT_CT_EXPIRATION; }
 			|	HELPER		{ $$ = NFT_CT_HELPER; }
 			|	LABEL		{ $$ = NFT_CT_LABELS; }
+			|	L3PROTOCOL	{ $$ = NFT_CT_L3PROTOCOL; }
+			|	PROTOCOL	{ $$ = NFT_CT_PROTOCOL; }
 			|	ct_key_counters
 			;
 ct_key_dir		:	SADDR		{ $$ = NFT_CT_SRC; }
-- 
cgit v1.2.3