[PATCH nft 4/5] src: rename meta secpath to meta ipsec

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



for symmetry with 'rt ipsec'.  "meta secpath" still works.

Signed-off-by: Florian Westphal <fw@xxxxxxxxx>
---
 doc/primary-expression.txt   | 6 +++---
 src/meta.c                   | 5 ++++-
 src/parser_bison.y           | 1 +
 tests/py/inet/meta.t         | 4 ++--
 tests/py/inet/meta.t.payload | 2 +-
 5 files changed, 11 insertions(+), 7 deletions(-)

diff --git a/doc/primary-expression.txt b/doc/primary-expression.txt
index 5024a11faf39..e404e5423a01 100644
--- a/doc/primary-expression.txt
+++ b/doc/primary-expression.txt
@@ -4,7 +4,7 @@ META EXPRESSIONS
 *meta* {length | nfproto | l4proto | protocol | priority}
 [meta] {mark | iif | iifname | iiftype | oif | oifname | oiftype |
 skuid | skgid | nftrace | rtclassid | ibrname | obrname | pkttype | cpu
-| iifgroup | oifgroup | cgroup | random | secpath}
+| iifgroup | oifgroup | cgroup | random | ipsec}
 
 A meta expression refers to meta data associated with a packet.
 
@@ -88,7 +88,7 @@ integer (32 bit)
 |random|
 pseudo-random number|
 integer (32 bit)
-|secpath|
+|ipsec|
 boolean|
 boolean (1 bit)
 |====================
@@ -124,7 +124,7 @@ filter output meta oif eth0
 filter output oif eth0
 
 # packed was subject to ipsec processing
-raw prerouting meta secpath exists accept
+raw prerouting meta ipsec exists accept
 -----------------------
 
 SOCKET EXPRESSION
diff --git a/src/meta.c b/src/meta.c
index 1bd91db275d6..3677561bd137 100644
--- a/src/meta.c
+++ b/src/meta.c
@@ -442,7 +442,7 @@ const struct meta_template meta_templates[] = {
 	[NFT_META_PRANDOM]	= META_TEMPLATE("random",    &integer_type,
 						4 * BITS_PER_BYTE,
 						BYTEORDER_BIG_ENDIAN), /* avoid conversion; doesn't have endianess */
-	[NFT_META_SECPATH]	= META_TEMPLATE("secpath", &boolean_type,
+	[NFT_META_SECPATH]	= META_TEMPLATE("ipsec", &boolean_type,
 						BITS_PER_BYTE, BYTEORDER_HOST_ENDIAN),
 };
 
@@ -665,6 +665,9 @@ struct error_record *meta_key_parse(const struct location *loc,
 	} else if (strcmp(str, "obriport") == 0) {
 		*value = NFT_META_BRI_OIFNAME;
 		return NULL;
+	} else if (strcmp(str, "secpath") == 0) {
+		*value = NFT_META_SECPATH;
+		return NULL;
 	}
 
 	len = (int)sizeof(buf);
diff --git a/src/parser_bison.y b/src/parser_bison.y
index 32d61b3b6723..5fd304a9381f 100644
--- a/src/parser_bison.y
+++ b/src/parser_bison.y
@@ -3726,6 +3726,7 @@ meta_key_unqualified	:	MARK		{ $$ = NFT_META_MARK; }
 			|       IIFGROUP	{ $$ = NFT_META_IIFGROUP; }
 			|       OIFGROUP	{ $$ = NFT_META_OIFGROUP; }
 			|       CGROUP		{ $$ = NFT_META_CGROUP; }
+			|       IPSEC		{ $$ = NFT_META_SECPATH; }
 			;
 
 meta_stmt		:	META	meta_key	SET	stmt_expr
diff --git a/tests/py/inet/meta.t b/tests/py/inet/meta.t
index 644a96fdf185..df32332f0621 100644
--- a/tests/py/inet/meta.t
+++ b/tests/py/inet/meta.t
@@ -12,7 +12,7 @@ meta nfproto ipv4 tcp dport 22;ok
 meta nfproto ipv4 ip saddr 1.2.3.4;ok;ip saddr 1.2.3.4
 meta nfproto ipv6 meta l4proto tcp;ok;meta nfproto ipv6 meta l4proto 6
 meta nfproto ipv4 counter ip saddr 1.2.3.4;ok
-meta secpath exists;ok
-meta secpath missing;ok
+meta ipsec exists;ok
+meta secpath missing;ok;meta ipsec missing
 meta ibrname "br0";fail
 meta obrname "br0";fail
diff --git a/tests/py/inet/meta.t.payload b/tests/py/inet/meta.t.payload
index 2d0a66fa5cf5..d7ff7e2d41fa 100644
--- a/tests/py/inet/meta.t.payload
+++ b/tests/py/inet/meta.t.payload
@@ -64,7 +64,7 @@ inet test-inet input
   [ payload load 4b @ network header + 12 => reg 1 ]
   [ cmp eq reg 1 0x04030201 ]
 
-# meta secpath exists
+# meta ipsec exists
 inet test-inet input
   [ meta load secpath => reg 1 ]
   [ cmp eq reg 1 0x00000001 ]
-- 
2.16.4




[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux