Bail out if unit cannot be parsed:
ruleset.nft:5:77-106: Error: Wrong rate format, expecting bytes or kbytes or mbytes
add rule netdev firewall PROTECTED_IPS update @quota_temp_before { ip daddr quota over 45000 mbytes/second } add @quota_trigger { ip daddr }
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
improve error reporting while at this.
Fixes: 6615676d825e ("src: add per-bytes limit")
Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
---
src/datatype.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/datatype.c b/src/datatype.c
index d398a9c8c618..8879ff0523e8 100644
--- a/src/datatype.c
+++ b/src/datatype.c
@@ -1485,14 +1485,14 @@ static struct error_record *time_unit_parse(const struct location *loc,
struct error_record *data_unit_parse(const struct location *loc,
const char *str, uint64_t *rate)
{
- if (strncmp(str, "bytes", strlen("bytes")) == 0)
+ if (strcmp(str, "bytes") == 0)
*rate = 1ULL;
- else if (strncmp(str, "kbytes", strlen("kbytes")) == 0)
+ else if (strcmp(str, "kbytes") == 0)
*rate = 1024;
- else if (strncmp(str, "mbytes", strlen("mbytes")) == 0)
+ else if (strcmp(str, "mbytes") == 0)
*rate = 1024 * 1024;
else
- return error(loc, "Wrong rate format");
+ return error(loc, "Wrong unit format, expecting bytes or kbytes or mbytes");
return NULL;
}
--
2.30.2
