This patch series adds the typeof keyword.
The only dependency is a small change to libnftnl to add two new
UDATA_SET_TYPEOF enum values.
named set can be configured as follows:
set os {
type typeof(osf name)
elements = { "Linux", "Windows" }
}
or
nft add set ip filter allowed "{ type typeof(ip daddr) . typeof(tcp dport); }"
... which is the same as the "old" 'type ipv4_addr . inet_service".
The type is stored in the kernel via the udata set infrastructure,
on listing -- if a udata type is present -- nft will validate that this
type matches the set key length.
This initial submission doesn't include a documentation update because
I'd like to get feedback on the chosen syntax first.
Florian Westphal (8):
src: libnftnl: run single-initcalls only once
src: libnftnl: split nft_ctx_new/free
src: store expr, not dtype to track data in sets
src: parser: add syntax to provide bitsize for non-spcific types
src: add "typeof" keyword
src: add "typeof" print support
src: netlink: remove assertion
tests: add typeof test cases
include/datatype.h | 1
include/netlink.h | 1
include/nftables.h | 3
include/rule.h | 6
src/datatype.c | 5
src/evaluate.c | 58 ++++--
src/expression.c | 2
src/json.c | 4
src/libnftables.c | 48 +++--
src/mnl.c | 39 ++++
src/monitor.c | 2
src/netlink.c | 176 ++++++++++++++++++---
src/netlink_delinearize.c | 15 +
src/parser_bison.y | 26 ++-
src/parser_json.c | 8
src/rule.c | 35 +++-
src/scanner.l | 1
src/segtree.c | 8
tests/shell/testcases/maps/dumps/typeof_maps_0.nft | 16 +
tests/shell/testcases/maps/typeof_maps_0 | 26 +++
tests/shell/testcases/sets/dumps/typeof_sets_0.nft | 31 +++
tests/shell/testcases/sets/typeof_sets_0 | 40 ++++
22 files changed, 459 insertions(+), 92 deletions(-)
