@@ -206,6 +206,8 @@ int nft_lex(void *, void *, void *);
%token WSCALE "wscale"
%token SACKPERM "sack-perm"
+%token TYPEOF "typeof"
+
%token HOOK "hook"
%token DEVICE "device"
%token DEVICES "devices"
@@ -1624,6 +1626,12 @@ set_block : /* empty */ { $$ = $<set>-1; }
$1->key = $3;
$$ = $1;
}
+ | set_block TYPEOF primary_expr stmt_separator
+ {
+ $1->key = $3;
+ datatype_set($1->key, $3->dtype);
+ $$ = $1;
+ }
| set_block FLAGS set_flag_list stmt_separator
{
$1->flags = $3;
@@ -1694,6 +1702,18 @@ map_block : /* empty */ { $$ = $<set>-1; }
$1->flags |= NFT_SET_MAP;
$$ = $1;
}
+ | map_block TYPEOF
+ primary_expr COLON primary_expr
+ stmt_separator
+ {
+ $1->key = $3;
+ datatype_set($1->key, $3->dtype);
+ $1->datatype = $5->dtype;
+
+ expr_free($5);
+ $1->flags |= NFT_SET_MAP;
+ $$ = $1;
+ }
| map_block TYPE
data_type_expr COLON COUNTER
stmt_separator
@@ -238,6 +238,7 @@ addrstring ({macaddr}|{ip4addr}|{ip6addr})
"define" { return DEFINE; }
"redefine" { return REDEFINE; }
"undefine" { return UNDEFINE; }
+"typeof" { return TYPEOF; }
"describe" { return DESCRIBE; }
Add a typeof keyword to automatically use the correct type in set and map declarations. table filter { set blacklist { typeof ip saddr } chain input { ip saddr @blacklist counter drop } } Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> --- src/parser_bison.y | 20 ++++++++++++++++++++ src/scanner.l | 1 + 2 files changed, 21 insertions(+)