| Message ID | 20210820101014.6182-1-pablo@netfilter.org |
|---|---|
| State | Superseded |
| Delegated to: | Pablo Neira |
| Headers | show |
| Series | [nft] parser_bison: restore variable expression in queue statement | expand |
diff --git a/src/parser_bison.y b/src/parser_bison.y index 83f0250a8744..6b87ece55a69 100644 --- a/src/parser_bison.y +++ b/src/parser_bison.y @@ -3792,6 +3792,7 @@ queue_stmt_arg : QUEUENUM queue_stmt_expr_simple queue_stmt_expr_simple : integer_expr | range_rhs_expr + | variable_expr ; queue_stmt_expr : numgen_expr diff --git a/tests/shell/testcases/nft-f/0022variables_0 b/tests/shell/testcases/nft-f/0022variables_0 index ee17a6272aa3..00ab550e4009 100755 --- a/tests/shell/testcases/nft-f/0022variables_0 +++ b/tests/shell/testcases/nft-f/0022variables_0 @@ -3,6 +3,7 @@ set -e RULESET="define test1 = @y +define ips_queue = 1 table ip x { set y { @@ -15,6 +16,7 @@ table ip x { add \$test1 { ip saddr } update \$test1 { ip saddr timeout 30s } ip saddr \$test1 + queue flags bypass num \$ips_queue } }" diff --git a/tests/shell/testcases/nft-f/dumps/0022variables_0.nft b/tests/shell/testcases/nft-f/dumps/0022variables_0.nft new file mode 100644 index 000000000000..6b87f8798287 --- /dev/null +++ b/tests/shell/testcases/nft-f/dumps/0022variables_0.nft @@ -0,0 +1,15 @@ +table ip x { + set y { + type ipv4_addr + size 65535 + flags dynamic,timeout + } + + chain z { + type filter hook input priority filter; policy accept; + add @y { ip saddr } + update @y { ip saddr timeout 30s } + ip saddr @y + queue flags bypass num 1 + } +}
define ips_queue = 0 add rule ip foo snortips queue num $ips_queue bypass And it gave error in nftables 1.0.0: /etc/nftables4.conf:19:49-54: Error: syntax error, unexpected bypass, expecting - add rule ip foo snortips queue num $ips_queue bypass Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> --- src/parser_bison.y | 1 + tests/shell/testcases/nft-f/0022variables_0 | 2 ++ .../testcases/nft-f/dumps/0022variables_0.nft | 15 +++++++++++++++ 3 files changed, 18 insertions(+) create mode 100644 tests/shell/testcases/nft-f/dumps/0022variables_0.nft