On Tue, Jun 10, 2014 at 01:28:23PM +0200, Alvaro Neira Ayuso wrote:
> This patch allows to use a new syntax more compact and break
> the last syntax. This new syntax is more similar than the nftables
> syntax that we use usually. We can use range like we have used in
> other case in nftables. Here, we have some examples:
>
> Before, If we want to declare a queue, we have used a syntax like this:
>
> nft add rule test input queue num 1 total 3 options bypass,fanout
>
> If we want to use the queue number 1 and the two next (total 3),
> we use a range in the new syntax, for example:
>
> nft add rule test input queue num 1-3 bypass fanout
>
> Also if we want to use only one queue, the new rules are like:
>
> nft add rule test input queue num 1 //queue 1
> or
> nft add rule test input queue //queue 0
>
> And if we want to add a specific flags we only need to put
> what flags we want to use:
>
> nft add rule test input queue bypass
>
> we don't need to use options and the comma for stablishing the
> flags.
>
> Signed-off-by: Alvaro Neira Ayuso <alvaroneay@xxxxxxxxx>
> ---
> include/statement.h | 4 ++--
> src/netlink_delinearize.c | 9 ++++++---
> src/netlink_linearize.c | 13 ++++++++++---
> src/parser.y | 40 ++++++++++++++++++++++++----------------
> src/scanner.l | 2 --
> src/statement.c | 23 ++++++++---------------
> 6 files changed, 50 insertions(+), 41 deletions(-)
>
> diff --git a/include/statement.h b/include/statement.h
> index 896b972..480b719 100644
> --- a/include/statement.h
> +++ b/include/statement.h
> @@ -60,8 +60,8 @@ struct nat_stmt {
> extern struct stmt *nat_stmt_alloc(const struct location *loc);
>
> struct queue_stmt {
> - uint16_t queuenum;
> - uint16_t queues_total;
> + uint16_t from;
> + uint16_t to;
> uint16_t flags;
> };
>
> diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c
> index ea33308..aa47d5f 100644
> --- a/src/netlink_delinearize.c
> +++ b/src/netlink_delinearize.c
> @@ -541,11 +541,14 @@ static void netlink_parse_queue(struct netlink_parse_ctx *ctx,
> const struct nft_rule_expr *nle)
> {
> struct stmt *stmt;
> + uint16_t range_to;
>
> stmt = queue_stmt_alloc(loc);
> - stmt->queue.queuenum = nft_rule_expr_get_u16(nle, NFT_EXPR_QUEUE_NUM);
> - stmt->queue.queues_total =
> - nft_rule_expr_get_u16(nle, NFT_EXPR_QUEUE_TOTAL);
> + stmt->queue.from = nft_rule_expr_get_u16(nle, NFT_EXPR_QUEUE_NUM);
> + range_to = nft_rule_expr_get_u16(nle, NFT_EXPR_QUEUE_TOTAL);
> + range_to += stmt->queue.from - 1;
> +
> + stmt->queue.to = range_to;
> stmt->queue.flags = nft_rule_expr_get_u16(nle, NFT_EXPR_QUEUE_FLAGS);
> list_add_tail(&stmt->list, &ctx->rule->stmts);
> }
> diff --git a/src/netlink_linearize.c b/src/netlink_linearize.c
> index 19153fd..9b6eed6 100644
> --- a/src/netlink_linearize.c
> +++ b/src/netlink_linearize.c
> @@ -683,15 +683,22 @@ static void netlink_gen_queue_stmt(struct netlink_linearize_ctx *ctx,
> const struct stmt *stmt)
> {
> struct nft_rule_expr *nle;
> + uint16_t total_queues;
>
> nle = alloc_nft_expr("queue");
>
> nft_rule_expr_set_u16(nle, NFT_EXPR_QUEUE_NUM,
> - stmt->queue.queuenum);
> - if (stmt->queue.queues_total) {
> + stmt->queue.from);
> +
> + if (stmt->queue.to >= stmt->queue.from) {
> + total_queues = stmt->queue.to - stmt->queue.from;
> nft_rule_expr_set_u16(nle, NFT_EXPR_QUEUE_TOTAL,
> - stmt->queue.queues_total);
> + total_queues + 1);
> + } else {
> + BUG("invalid queue interval %u-%u\n", stmt->queue.from,
> + stmt->queue.to);
You can control this error case in the parser.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
