# cat /tmp/x
table x {
set y {
type ipv4_addr
elements = {
1.1.1.1 counter packets 1 bytes 67,
}
}
}
# nft -f /tmp/x
/tmp/x:5:12-18: Error: missing counter statement in set definition
1.1.1.1 counter packets 1 bytes 67,
^^^^^^^^^^^^^^^^^^^^^^^^^^
Instead, this should be:
table x {
set y {
type ipv4_addr
counter <-------
elements = {
1.1.1.1 counter packets 1 bytes 67,
}
}
}
Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
---
src/evaluate.c | 22 +++++++++++++++-------
1 file changed, 15 insertions(+), 7 deletions(-)
diff --git a/src/evaluate.c b/src/evaluate.c
index 6325f52e49ff..8b03e1f3cfb8 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -1310,13 +1310,21 @@ static int expr_evaluate_set_elem(struct eval_ctx *ctx, struct expr **expr)
struct set *set = ctx->set;
struct expr *elem = *expr;
- if (elem->stmt && set->stmt && set->stmt->ops != elem->stmt->ops)
- return stmt_binary_error(ctx, set->stmt, elem,
- "statement mismatch, element expects %s, "
- "%s has type %s",
- elem->stmt->ops->name,
- set_is_map(set->flags) ? "map" : "set",
- set->stmt->ops->name);
+ if (elem->stmt) {
+ if (set->stmt && set->stmt->ops != elem->stmt->ops) {
+ return stmt_error(ctx, elem->stmt,
+ "statement mismatch, element expects %s, "
+ "but %s has type %s",
+ elem->stmt->ops->name,
+ set_is_map(set->flags) ? "map" : "set",
+ set->stmt->ops->name);
+ } else if (!set->stmt && !(set->flags & NFT_SET_EVAL)) {
+ return stmt_error(ctx, elem->stmt,
+ "missing %s statement in %s definition",
+ elem->stmt->ops->name,
+ set_is_map(set->flags) ? "map" : "set");
+ }
+ }
if (expr_evaluate(ctx, &elem->key) < 0)
return -1;
--
2.11.0
