From 3edb96200690b804ceb76a9fb0ae441ed7d4d8f0 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Wed, 3 Apr 2019 23:40:04 +0200
Subject: parser_bison: missing tproxy syntax with port only for inet family

 # nft add rule inet filter divert ip daddr 0.0.0.0/0 meta l4proto tcp tproxy ip to :2000
 Error: syntax error, unexpected colon
 add rule inet filter divert ip daddr 0.0.0.0/0 meta l4proto tcp tproxy ip to :2000
                                                                              ^

Syntax with no protocol for tproxy complains with:

 # nft add rule inet filter divert ip daddr 0.0.0.0/0 meta l4proto tcp tproxy to :2000
 Error: Conflicting network layer protocols.
 add rule inet filter divert ip daddr 0.0.0.0/0 meta l4proto tcp tproxy to :2000
                                                                 ^^^^^^^^^^^^^^^

Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1310
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/parser_bison.y | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'src/parser_bison.y')

diff --git a/src/parser_bison.y b/src/parser_bison.y
index 65b3fb3e..50642b4e 100644
--- a/src/parser_bison.y
+++ b/src/parser_bison.y
@@ -2687,6 +2687,12 @@ tproxy_stmt		:	TPROXY TO stmt_expr
 				$$->tproxy.addr = $4;
 				$$->tproxy.port = $6;
 			}
+			|	TPROXY nf_key_proto	TO COLON stmt_expr
+			{
+				$$ = tproxy_stmt_alloc(&@$);
+				$$->tproxy.family = $2;
+				$$->tproxy.port = $5;
+			}
 			;
 
 primary_stmt_expr	:	symbol_expr		{ $$ = $1; }
-- 
cgit v1.2.3