Add a typeof keyword to automatically use the correct type in set and map
declarations.
table filter {
set blacklist {
typeof ip saddr
}
chain input {
ip saddr @blacklist counter drop
}
}
Signed-off-by: Pablo Neira Ayuso <pa...@netfilter.org>
---
src/parser_bison.y | 20 ++++++++++++++++++++
src/scanner.l | 1 +
2 files changed, 21 insertions(+)
diff --git a/src/parser_bison.y b/src/parser_bison.y
index 53e669521efa..5a1a37679a29 100644
--- a/src/parser_bison.y
+++ b/src/parser_bison.y
@@ -206,6 +206,8 @@ int nft_lex(void *, void *, void *);
%token WSCALE "wscale"
%token SACKPERM "sack-perm"
+%token TYPEOF "typeof"
+
%token HOOK "hook"
%token DEVICE "device"
%token DEVICES "devices"
@@ -1624,6 +1626,12 @@ set_block : /* empty */ { $$ =
$<set>-1; }
$1->key = $3;
$$ = $1;
}
+ | set_block TYPEOF primary_expr
stmt_separator
+ {
+ $1->key = $3;
+ datatype_set($1->key, $3->dtype);
+ $$ = $1;
+ }
| set_block FLAGS set_flag_list
stmt_separator
{
$1->flags = $3;
@@ -1694,6 +1702,18 @@ map_block : /* empty */ { $$ =
$<set>-1; }
$1->flags |= NFT_SET_MAP;
$$ = $1;
}
+ | map_block TYPEOF
+ primary_expr COLON
primary_expr
+ stmt_separator
+ {
+ $1->key = $3;
+ datatype_set($1->key, $3->dtype);
+ $1->datatype = $5->dtype;
+
+ expr_free($5);
+ $1->flags |= NFT_SET_MAP;
+ $$ = $1;
+ }
| map_block TYPE
data_type_expr COLON COUNTER
stmt_separator
diff --git a/src/scanner.l b/src/scanner.l
index 4ed5f9241381..6a0f95776b38 100644
--- a/src/scanner.l
+++ b/src/scanner.l
@@ -238,6 +238,7 @@ addrstring ({macaddr}|{ip4addr}|{ip6addr})
"define" { return DEFINE; }
"redefine" { return REDEFINE; }
"undefine" { return UNDEFINE; }
+"typeof" { return TYPEOF; }
"describe" { return DESCRIBE; }
--
2.11.0
