From patchwork Tue May 20 09:17:32 2014
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Pablo Neira Ayuso <pablo@netfilter.org>
X-Patchwork-Id: 350613
Return-Path: <netfilter-devel-owner@vger.kernel.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 1F2F1140080
	for <incoming@patchwork.ozlabs.org>;
	Tue, 20 May 2014 19:17:48 +1000 (EST)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1752952AbaETJRp (ORCPT <rfc822;incoming@patchwork.ozlabs.org>);
	Tue, 20 May 2014 05:17:45 -0400
Received: from mail.us.es ([193.147.175.20]:58891 "EHLO mail.us.es"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1752950AbaETJRo (ORCPT <rfc822; netfilter-devel@vger.kernel.org>);
	Tue, 20 May 2014 05:17:44 -0400
Received: (qmail 8263 invoked from network); 20 May 2014 11:17:41 +0200
Received: from unknown (HELO us.es) (192.168.2.11)
	by us.es with SMTP; 20 May 2014 11:17:41 +0200
Received: (qmail 9886 invoked by uid 507); 20 May 2014 09:17:41 -0000
X-Qmail-Scanner-Diagnostics: from 127.0.0.1 by antivirus1 (envelope-from
	<pablo@netfilter.org>, uid 501) with qmail-scanner-2.10
	(clamdscan: 0.98.3/19005. spamassassin: 3.3.2.  
	Clear:RC:1(127.0.0.1):SA:0(-101.2/7.5):.
	Processed in 2.685801 secs); 20 May 2014 09:17:41 -0000
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on antivirus1
X-Spam-Level: 
X-Spam-Status: No, score=-101.2 required=7.5 tests=BAYES_50,SMTPAUTH_US,
	USER_IN_WHITELIST autolearn=disabled version=3.3.2
X-Spam-ASN: AS12715 87.216.0.0/16
X-Envelope-From: pablo@netfilter.org
Received: from unknown (HELO antivirus1) (127.0.0.1)
	by us.es with SMTP; 20 May 2014 09:17:38 -0000
Received: from 192.168.1.13 (192.168.1.13)
	by antivirus1 (F-Secure/fsigk_smtp/412/antivirus1);
	Tue, 20 May 2014 11:17:38 +0200 (CEST)
X-Virus-Status: clean(F-Secure/fsigk_smtp/412/antivirus1)
Received: (qmail 31561 invoked from network); 20 May 2014 11:17:38 +0200
Received: from 186.169.216.87.static.jazztel.es (HELO localhost.localdomain)
	(pneira@us.es@87.216.169.186)
	by mail.us.es with SMTP; 20 May 2014 11:17:38 +0200
From: Pablo Neira Ayuso <pablo@netfilter.org>
To: netfilter-devel@vger.kernel.org
Cc: arturo.borrero.glez@gmail.com, kaber@trash.net
Subject: [PATCH nft] parser: remove the "new" and "destroy" tokens from the
	scanner
Date: Tue, 20 May 2014 11:17:32 +0200
Message-Id: <1400577452-6087-1-git-send-email-pablo@netfilter.org>
X-Mailer: git-send-email 1.7.10.4
Sender: netfilter-devel-owner@vger.kernel.org
Precedence: bulk
List-ID: <netfilter-devel.vger.kernel.org>
X-Mailing-List: netfilter-devel@vger.kernel.org

These new tokens were introduced in f9563c0 ("src: add events reporting")
to allow filtering based on the event type.

This confuses the parser when parsing the "new" token:

test:32:33-35: Error: syntax error, unexpected new
add rule filter output ct state new,established counter
                                ^^^

This patch fixes this by replacing these event type tokens by the
generic string token, which is then interpreted during the parsing.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/parser.y  |  209 ++++++++++++++++++++++++++++++++++++++++++++-------------
 src/scanner.l |    2 -
 2 files changed, 164 insertions(+), 47 deletions(-)

diff --git a/src/parser.y b/src/parser.y
index 9c20737..03bbb92 100644
--- a/src/parser.y
+++ b/src/parser.y
@@ -92,6 +92,21 @@ static void location_update(struct location *loc, struct location *rhs, int n)
 
 #define YYLLOC_DEFAULT(Current, Rhs, N)	location_update(&Current, Rhs, N)
 
+enum {
+	NFT_EVENT_NEW	= 0,
+	NFT_EVENT_DEL,
+};
+
+static int monitor_lookup_event(const char *event)
+{
+	if (strcmp(event, "new") == 0)
+		return NFT_EVENT_NEW;
+	else if (strcmp(event, "destroy") == 0)
+		return NFT_EVENT_DEL;
+
+	return -1;
+}
+
 %}
 
 /* Declaration section */
@@ -171,8 +186,6 @@ static void location_update(struct location *loc, struct location *rhs, int n)
 %token ELEMENT			"element"
 %token MAP			"map"
 %token HANDLE			"handle"
-%token NEW			"new"
-%token DESTROY			"destroy"
 
 %token INET			"inet"
 
@@ -777,64 +790,170 @@ monitor_cmd		:	monitor_flags	output_format
 
 monitor_flags		:	/* empty */
 			{
-				$$ |= (1 << NFT_MSG_NEWRULE);
-				$$ |= (1 << NFT_MSG_DELRULE);
-				$$ |= (1 << NFT_MSG_NEWSET);
-				$$ |= (1 << NFT_MSG_DELSET);
-				$$ |= (1 << NFT_MSG_NEWSETELEM);
-				$$ |= (1 << NFT_MSG_DELSETELEM);
-				$$ |= (1 << NFT_MSG_NEWCHAIN);
-				$$ |= (1 << NFT_MSG_DELCHAIN);
-				$$ |= (1 << NFT_MSG_NEWTABLE);
-				$$ |= (1 << NFT_MSG_DELTABLE);
-			}
-			|	NEW
-			{
-				$$ |= (1 << NFT_MSG_NEWRULE);
-				$$ |= (1 << NFT_MSG_NEWSET);
-				$$ |= (1 << NFT_MSG_NEWSETELEM);
-				$$ |= (1 << NFT_MSG_NEWCHAIN);
-				$$ |= (1 << NFT_MSG_NEWTABLE);
-			}
-			|	DESTROY
-			{
-				$$ |= (1 << NFT_MSG_DELRULE);
-				$$ |= (1 << NFT_MSG_DELSET);
-				$$ |= (1 << NFT_MSG_DELSETELEM);
-				$$ |= (1 << NFT_MSG_DELCHAIN);
-				$$ |= (1 << NFT_MSG_DELTABLE);
+				$$ = (1 << NFT_MSG_NEWRULE)	|
+				     (1 << NFT_MSG_DELRULE)	|
+				     (1 << NFT_MSG_NEWSET)	|
+				     (1 << NFT_MSG_DELSET)	|
+				     (1 << NFT_MSG_NEWSETELEM)	|
+				     (1 << NFT_MSG_DELSETELEM)	|
+				     (1 << NFT_MSG_NEWCHAIN)	|
+				     (1 << NFT_MSG_DELCHAIN)	|
+				     (1 << NFT_MSG_NEWTABLE)	|
+				     (1 << NFT_MSG_DELTABLE);
+			}
+			|	STRING
+			{
+				int event;
+
+				event = monitor_lookup_event($1);
+				if (event < 0) {
+					erec_queue(error(&@1, "unknown event type %s", $1),
+						   state->msgs);
+					YYERROR;
+				}
+
+				switch (event) {
+				case NFT_EVENT_NEW:
+					$$ = (1 << NFT_MSG_NEWTABLE)	|
+					     (1 << NFT_MSG_NEWCHAIN)	|
+					     (1 << NFT_MSG_NEWRULE)	|
+					     (1 << NFT_MSG_NEWSET)	|
+					     (1 << NFT_MSG_NEWSETELEM);
+					break;
+				case NFT_EVENT_DEL:
+					$$ = (1 << NFT_MSG_DELTABLE)	|
+					     (1 << NFT_MSG_DELCHAIN)	|
+					     (1 << NFT_MSG_DELRULE)	|
+					     (1 << NFT_MSG_DELSET)	|
+					     (1 << NFT_MSG_DELSETELEM);
+					break;
+				}
 			}
 			|	TABLES
 			{
-				$$ |= (1 << NFT_MSG_NEWTABLE);	$$ |= (1 << NFT_MSG_DELTABLE);
+				$$ = (1 << NFT_MSG_NEWTABLE) |
+				     (1 << NFT_MSG_DELTABLE);
 			}
-			|	NEW 	TABLES 	{	$$ |= (1 << NFT_MSG_NEWTABLE); }
-			|	DESTROY	TABLES	{	$$ |= (1 << NFT_MSG_DELTABLE); }
-			|	CHAIN
+			|	STRING 	TABLES
 			{
-				$$ |= (1 << NFT_MSG_NEWCHAIN);	$$ |= (1 << NFT_MSG_DELCHAIN);
+				int event;
+
+				event = monitor_lookup_event($1);
+				if (event < 0) {
+					erec_queue(error(&@1, "unknown event type %s", $1),
+						   state->msgs);
+					YYERROR;
+				}
+
+				switch (event) {
+				case NFT_EVENT_NEW:
+					$$ = (1 << NFT_MSG_NEWTABLE);
+					break;
+				case NFT_EVENT_DEL:
+					$$ = (1 << NFT_MSG_DELTABLE);
+					break;
+				}
+			}
+			|	CHAINS
+			{
+				$$ = (1 << NFT_MSG_NEWCHAIN) |
+				     (1 << NFT_MSG_DELCHAIN);
+			}
+			|	STRING	CHAINS
+			{
+				int event;
+
+				event = monitor_lookup_event($1);
+				if (event < 0) {
+					erec_queue(error(&@1, "unknown event type %s", $1),
+						   state->msgs);
+					YYERROR;
+				}
+
+				switch (event) {
+				case NFT_EVENT_NEW:
+					$$ = (1 << NFT_MSG_NEWCHAIN);
+					break;
+				case NFT_EVENT_DEL:
+					$$ = (1 << NFT_MSG_DELCHAIN);
+					break;
+				}
 			}
-			|	NEW	CHAINS	{	$$ |= (1 << NFT_MSG_NEWCHAIN); }
-			|	DESTROY	CHAINS	{	$$ |= (1 << NFT_MSG_DELCHAIN); }
 			|	SETS
 			{
-				$$ |= (1 << NFT_MSG_NEWSET);	$$ |= (1 << NFT_MSG_DELSET);
+				$$ = (1 << NFT_MSG_NEWSET) |
+				     (1 << NFT_MSG_DELSET);
+			}
+			|	STRING	SETS
+			{
+				int event;
+
+				event = monitor_lookup_event($1);
+				if (event < 0) {
+					erec_queue(error(&@1, "unknown event type %s", $1),
+						   state->msgs);
+					YYERROR;
+				}
+
+				switch (event) {
+				case NFT_EVENT_NEW:
+					$$ = (1 << NFT_MSG_NEWSET);
+					break;
+				case NFT_EVENT_DEL:
+					$$ = (1 << NFT_MSG_DELSET);
+					break;
+				}
 			}
-			|	NEW	SETS 	{ 	$$ |= (1 << NFT_MSG_NEWSET); }
-			|	DESTROY SETS	{	$$ |= (1 << NFT_MSG_DELSET); }
 			|	RULE
 			{
-				$$ |= (1 << NFT_MSG_NEWRULE);	$$ |= (1 << NFT_MSG_DELRULE);
+				$$ = (1 << NFT_MSG_NEWRULE) |
+				     (1 << NFT_MSG_DELRULE);
+			}
+			|	STRING 	RULES
+			{
+				int event;
+
+				event = monitor_lookup_event($1);
+				if (event < 0) {
+					erec_queue(error(&@1, "unknown event type %s", $1),
+						   state->msgs);
+					YYERROR;
+				}
+
+				switch (event) {
+				case NFT_EVENT_NEW:
+					$$ = (1 << NFT_MSG_NEWRULE);
+					break;
+				case NFT_EVENT_DEL:
+					$$ = (1 << NFT_MSG_DELRULE);
+					break;
+				}
 			}
-			|	NEW 	RULES	{	$$ |= (1 << NFT_MSG_NEWRULE); }
-			|	DESTROY RULES	{	$$ |= (1 << NFT_MSG_DELRULE); }
 			|	ELEMENTS
 			{
-				$$ |= (1 << NFT_MSG_NEWSETELEM);
-				$$ |= (1 << NFT_MSG_DELSETELEM);
+				$$ = (1 << NFT_MSG_NEWSETELEM) |
+				     (1 << NFT_MSG_DELSETELEM);
+			}
+			|	STRING	ELEMENTS
+			{
+				int event;
+
+				event = monitor_lookup_event($1);
+				if (event < 0) {
+					erec_queue(error(&@1, "unknown event type %s", $1),
+						   state->msgs);
+					YYERROR;
+				}
+
+				switch (event) {
+				case NFT_EVENT_NEW:
+					$$ = (1 << NFT_MSG_NEWSETELEM);
+					break;
+				case NFT_EVENT_DEL:
+					$$ = (1 << NFT_MSG_DELSETELEM);
+					break;
+				}
 			}
-			|	NEW	ELEMENTS	{	$$ |= (1 << NFT_MSG_NEWSETELEM); }
-			|	DESTROY ELEMENTS	{	$$ |= (1 << NFT_MSG_DELSETELEM); }
 			;
 
 output_format		:	/* empty */
diff --git a/src/scanner.l b/src/scanner.l
index 801c030..86bc519 100644
--- a/src/scanner.l
+++ b/src/scanner.l
@@ -240,8 +240,6 @@ addrstring	({macaddr}|{ip4addr}|{ip6addr})
 "element"		{ return ELEMENT; }
 "map"			{ return MAP; }
 "handle"		{ return HANDLE; }
-"new"			{ return NEW; }
-"destroy"		{ return DESTROY; }
 
 "accept"		{ return ACCEPT; }
 "drop"			{ return DROP; }