This patch introduces the use of nft input files variables in 'jump' and 'goto'
statements, e.g.
define dest = ber
add table ip foo
add chain ip foo bar {type filter hook input priority 0;}
add chain ip foo ber
add rule ip foo ber counter
add rule ip foo bar jump $dest
table ip foo {
chain bar {
type filter hook input priority filter; policy accept;
jump ber
}
chain ber {
counter packets 71 bytes 6664
}
}
Signed-off-by: Fernando Fernandez Mancera <[email protected]>
---
src/datatype.c | 11 +++++++++++
src/parser_bison.y | 6 +++++-
2 files changed, 16 insertions(+), 1 deletion(-)
diff --git a/src/datatype.c b/src/datatype.c
index 6aaf9ea..7e9ec5e 100644
--- a/src/datatype.c
+++ b/src/datatype.c
@@ -297,11 +297,22 @@ static void verdict_type_print(const struct expr *expr,
struct output_ctx *octx)
}
}
+static struct error_record *verdict_type_parse(const struct expr *sym,
+ struct expr **res)
+{
+ *res = constant_expr_alloc(&sym->location, &string_type,
+ BYTEORDER_HOST_ENDIAN,
+ (strlen(sym->identifier) + 1) *
BITS_PER_BYTE,
+ sym->identifier);
+ return NULL;
+}
+
const struct datatype verdict_type = {
.type = TYPE_VERDICT,
.name = "verdict",
.desc = "netfilter verdict",
.print = verdict_type_print,
+ .parse = verdict_type_parse,
};
static const struct symbol_table nfproto_tbl = {
diff --git a/src/parser_bison.y b/src/parser_bison.y
index 69b5773..a955cb5 100644
--- a/src/parser_bison.y
+++ b/src/parser_bison.y
@@ -3841,7 +3841,11 @@ verdict_expr : ACCEPT
}
;
-chain_expr : identifier
+chain_expr : variable_expr
+ {
+ $$ = $1;
+ }
+ | identifier
{
$$ = constant_expr_alloc(&@$, &string_type,
BYTEORDER_HOST_ENDIAN,
--
2.20.1
