add rule ip testNEW test6 jump test8
^^^^^
Error: invalid verdict chain expression value
Signed-off-by: Pablo Neira Ayuso <[email protected]>
---
src/evaluate.c | 14 +++-----------
1 file changed, 3 insertions(+), 11 deletions(-)
diff --git a/src/evaluate.c b/src/evaluate.c
index f95f42e1067a..cd566e856a11 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -1984,17 +1984,9 @@ static int stmt_evaluate_verdict(struct eval_ctx *ctx,
struct stmt *stmt)
case EXPR_VERDICT:
if (stmt->expr->verdict != NFT_CONTINUE)
stmt->flags |= STMT_F_TERMINAL;
- if (stmt->expr->chain != NULL) {
- if (expr_evaluate(ctx, &stmt->expr->chain) < 0)
- return -1;
- if ((stmt->expr->chain->etype != EXPR_SYMBOL &&
- stmt->expr->chain->etype != EXPR_VALUE) ||
- stmt->expr->chain->symtype != SYMBOL_VALUE) {
- return stmt_error(ctx, stmt,
- "invalid verdict chain
expression %s\n",
- expr_name(stmt->expr->chain));
- }
- }
+ if (stmt->expr->chain != NULL &&
+ expr_evaluate(ctx, &stmt->expr->chain) < 0)
+ return -1;
break;
case EXPR_MAP:
break;
--
2.11.0
