| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| variables-in-map-statements-fix.patch | add support for variables in map expressions It is possible to use a variable to initialize a map, which is then used in a map statement: . define dst_map = { ::1234 : 5678 } . table ip6 nat { map dst_map { typeof ip6 daddr : tcp dport; elements = $dst_map } chain prerouting { ip6 nexthdr tcp redirect to ip6 daddr map @dst_map } } . However, if one tries to use the variable directly in the statement: . define dst_map = { ::1234 : 5678 } . table ip6 nat { chain prerouting { ip6 nexthdr tcp redirect to ip6 daddr map $dst_map } } . nft rejects it: . /space/azazel/tmp/ruleset.1067161.nft:5:47-54: Error: invalid mapping expression variable ip6 nexthdr tcp redirect to ip6 daddr map $dst_map ~~~~~~~~~ ^^^^^^^^ . It also rejects variables in stateful object statements: . define quota_map = { 192.168.10.123 : "user123", 192.168.10.124 : "user124" } . table ip nat { quota user123 { over 20 mbytes } quota user124 { over 20 mbytes } chain prerouting { quota name ip saddr map $quota_map } } . thus: . /space/azazel/tmp/ruleset.1067161.nft:15:29-38: Error: invalid mapping expression variable quota name ip saddr map $quota_map ~~~~~~~~ ^^^^^^^^^^ |
Jeremy Sowden <azazel@debian.org> | yes | debian | 2024-05-23 |