From c5ecdbf752ce0505a6696489d6df03b88cb56b0a Mon Sep 17 00:00:00 2001 From: Laura Garcia Liebana Date: Thu, 15 Mar 2018 09:23:21 +0100 Subject: src: support of dynamic map addition and update of elements The support of dynamic adds and updates are only available for sets and meters. This patch gives such abilities to maps as well. This patch is useful in cases where dynamic population of maps are required, for example, to maintain a persistence during some period of time. Example: table ip nftlb { map persistencia { type ipv4_addr : mark timeout 1h elements = { 192.168.1.132 expires 59m55s : 0x00000064, 192.168.56.101 expires 59m24s : 0x00000065 } } chain pre { type nat hook prerouting priority 0; policy accept; map update \ { @nh,96,32 : numgen inc mod 2 offset 100 } @persistencia } } An example of the netlink generated sequence: nft --debug=netlink add rule ip nftlb pre map add \ { ip saddr : numgen inc mod 2 offset 100 } @persistencia ip nftlb pre [ payload load 4b @ network header + 12 => reg 1 ] [ numgen reg 2 = inc mod 2 offset 100 ] [ dynset add reg_key 1 set persistencia sreg_data 2 ] Signed-off-by: Laura Garcia Liebana Signed-off-by: Pablo Neira Ayuso --- src/parser_bison.y | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'src/parser_bison.y') diff --git a/src/parser_bison.y b/src/parser_bison.y index 5f84d794..6fba7e59 100644 --- a/src/parser_bison.y +++ b/src/parser_bison.y @@ -577,6 +577,8 @@ int nft_lex(void *, void *, void *); %type set_stmt %destructor { stmt_free($$); } set_stmt %type set_stmt_op +%type map_stmt +%destructor { stmt_free($$); } map_stmt %type meter_stmt meter_stmt_alloc flow_stmt_legacy_alloc %destructor { stmt_free($$); } meter_stmt meter_stmt_alloc flow_stmt_legacy_alloc @@ -2046,6 +2048,7 @@ stmt : verdict_stmt | dup_stmt | fwd_stmt | set_stmt + | map_stmt ; verdict_stmt : verdict_expr @@ -2716,6 +2719,15 @@ set_stmt_op : ADD { $$ = NFT_DYNSET_OP_ADD; } | UPDATE { $$ = NFT_DYNSET_OP_UPDATE; } ; +map_stmt : set_stmt_op MAP '{' set_elem_expr_stmt COLON set_elem_expr_stmt '}' symbol_expr + { + $$ = map_stmt_alloc(&@$); + $$->map.op = $1; + $$->map.map = map_expr_alloc(&@$, $4, $6); + $$->map.set = $8; + } + ; + meter_stmt : flow_stmt_legacy_alloc flow_stmt_opts '{' meter_key_expr stmt '}' { $1->meter.key = $4; -- cgit v1.2.3