This series allows (almost) arbitrary chain names. Unsolved problem: nft has implict 'rule add' behaviour, e.g. 'nft add rule ip filter input foo ip saddr 1.2.3.4 drop' can be written like 'nft ip filter input foo ip saddr 1.2.3.4 drop' or even 'nft filter input foo ip saddr 1.2.3.4 drop'. IOW, the scanner cannot switch to the exclusive rule scope added in patch 5 to allow for arbitrary names. Patch 6 resolves this by switching state from bison, but this requires to add future tokens to a special whitelist. It might be better to omit patch 6 and/or deprecate the implicit rule add behaviour. See patch 6 for details. Florian Westphal (6): scanner: add support for scope nesting scanner: counter: move to own scope scanner: log: move to own scope scanner: support arbitary table names scanner: support arbitrary chain names src: allow arbitary chain name in implicit rule add case include/parser.h | 12 ++++ src/parser_bison.y | 97 ++++++++++++++++++------- src/scanner.l | 173 +++++++++++++++++++++++++++++++++++++++++---- 3 files changed, 241 insertions(+), 41 deletions(-) -- 2.26.2
