From f11cf6d42f873513f0bb9b80edb6bfad2dda55eb Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Wed, 24 Aug 2016 15:58:57 +0200 Subject: src: add create set command Add support for the 'create' command, we already support this in other existing objects, so support this for sets too, eg. # nft add set x y { type ipv4_addr\; } # nft create set x y { type ipv4_addr\; } :1:1-35: Error: Could not process rule: File exists create set x y { type ipv4_addr; } ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ # nft add set x y { type ipv4_addr\; } # This command sets the NLM_F_EXCL netlink flag, so if the object already exists, nf_tables returns -EEXIST. This is changing the existing behaviour of 'nft add set' which was setting this flag, this is inconsistent with regards to the way other objects behave. Signed-off-by: Pablo Neira Ayuso --- src/parser_bison.y | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'src/parser_bison.y') diff --git a/src/parser_bison.y b/src/parser_bison.y index a3d93bf3..5d5ce8c6 100644 --- a/src/parser_bison.y +++ b/src/parser_bison.y @@ -774,6 +774,20 @@ create_cmd : TABLE table_spec close_scope(state); $$ = cmd_alloc(CMD_CREATE, CMD_OBJ_CHAIN, &$2, &@$, $5); } + | SET set_spec set_block_alloc + '{' set_block '}' + { + $5->location = @5; + handle_merge(&$3->handle, &$2); + $$ = cmd_alloc(CMD_CREATE, CMD_OBJ_SET, &$2, &@$, $5); + } + | MAP set_spec map_block_alloc + '{' map_block '}' + { + $5->location = @5; + handle_merge(&$3->handle, &$2); + $$ = cmd_alloc(CMD_CREATE, CMD_OBJ_SET, &$2, &@$, $5); + } ; insert_cmd : RULE rule_position rule -- cgit v1.2.3