Comments below.
On 10/15/18 2:47 PM, Pablo Neira Ayuso wrote:
Please send a v3 including tests/py. More comments below.
On Sat, Sep 29, 2018 at 12:15:17PM +0200, Fernando Fernandez Mancera wrote:
Add support for ttl option in "osf" expression. Example:
table ip foo {
chain bar {
type filter hook input priority filter; policy accept;
osf ttl nocheck name "Linux"
Listing and output should match, ie. what you list should work with
nft -f, see below.
diff --git a/src/parser_bison.y b/src/parser_bison.y
index 831090b..a7ec858 100644
--- a/src/parser_bison.y
+++ b/src/parser_bison.y
@@ -739,6 +739,7 @@ int nft_lex(void *, void *, void *);
%type <val> fib_tuple fib_result fib_flag
%type <expr> osf_expr
+%type <val> osf_ttl
%destructor { expr_free($$); } osf_expr
%type <val> markup_format
@@ -3112,9 +3113,21 @@ fib_tuple : fib_flag DOT fib_tuple
| fib_flag
;
-osf_expr : OSF NAME
+osf_expr : OSF osf_ttl NAME
{
- $$ = osf_expr_alloc(&@$);
+ $$ = osf_expr_alloc(&@$, $2);
+ }
+ ;
+
+osf_ttl : /* empty */ { $$ = 0; }
+ | STRING
+ {
+ if (!strcmp($1, "ttl-global"))
This should be "global". But I would suggest you rename this to "loose".
+ $$ = 1;
Can we use NFT_OSF_* definitions, instead of magic number?
+ else if (!strcmp($1, "ttl-nocheck"))
This should be "nocheck". But I'd suggest you rename this to "skip"
+ $$ = 2;
Same here, avoid magic number, use definition.
+ else
+ $$ = 3;
Same thing.
I am going to add the necessary NFT_OSF_* definitions in the nf_tables.h
header. The options format is "ttl-*" because "global" or "loose" could
be confusing. Do you prefer the option without "ttl-"?
Thanks.
