[Bug 835] New: protocol without option is failing

bugzilla-daemon at netfilter.org bugzilla-daemon at netfilter.org
Sat Jul 20 23:47:58 CEST 2013


https://bugzilla.netfilter.org/show_bug.cgi?id=835

           Summary: protocol without option is failing
           Product: nftables
           Version: unspecified
          Platform: x86_64
        OS/Version: All
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: nft
        AssignedTo: pablo at netfilter.org
        ReportedBy: eric at regit.org
   Estimated Hours: 0.0


When reading parser.y, it seems that tcp was meant to be used as standalone
keyword:

tcp_hdr_expr            :       TCP
                        {
                                uint8_t data = IPPROTO_TCP;
                                $$ = constant_expr_alloc(&@$,
&inet_protocol_type,
                                                         BYTEORDER_HOST_ENDIAN,
                                                         sizeof(data) *
BITS_PER_BYTE, &data);
                        }
                        |       TCP     tcp_hdr_field
                        {
                                $$ = payload_expr_alloc(&@$, &payload_tcp, $2);
                        }
                        ;

But there is a bug in the grammar because the following rule is not working:
nft add rule ip6 filter input  tcp accept --debug=all
...
Cleanup: discarding lookahead token "accept" (: )
Stack now 0
<cmdline>:1:31-36: Error: syntax error, unexpected accept
add rule ip6 filter input tcp accept
                              ^^^^^^

-- 
Configure bugmail: https://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.



More information about the netfilter-buglog mailing list