Created
March 17, 2020 11:28
-
-
Save Wolf480pl/1f3728d4883d5d8a3f21cae224606064 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| _. input ::= ; | |
| _. input ::= input line; | |
| _. stmt_separator ::= NEWLINE; | |
| _. stmt_separator ::= SEMICOLON; | |
| _. opt_newline ::= NEWLINE; | |
| _. opt_newline ::= ; | |
| _. common_block ::= INCLUDE QUOTED_STRING stmt_separator; | |
| _. common_block ::= DEFINE identifier "=" initializer_expr stmt_separator; | |
| _. common_block ::= REDEFINE identifier "=" initializer_expr stmt_separator; | |
| _. common_block ::= UNDEFINE identifier stmt_separator; | |
| _. common_block ::= error stmt_separator; | |
| _. line ::= common_block; | |
| _. line ::= stmt_separator; | |
| _. line ::= base_cmd stmt_separator; | |
| _. line ::= base_cmd TOKEN_EOF; | |
| _. base_cmd ::= add_cmd; | |
| _. base_cmd ::= ADD add_cmd; | |
| _. base_cmd ::= REPLACE replace_cmd; | |
| _. base_cmd ::= CREATE create_cmd; | |
| _. base_cmd ::= INSERT insert_cmd; | |
| _. base_cmd ::= DELETE delete_cmd; | |
| _. base_cmd ::= GET get_cmd; | |
| _. base_cmd ::= LIST list_cmd; | |
| _. base_cmd ::= RESET reset_cmd; | |
| _. base_cmd ::= FLUSH flush_cmd; | |
| _. base_cmd ::= RENAME rename_cmd; | |
| _. base_cmd ::= IMPORT import_cmd; | |
| _. base_cmd ::= EXPORT export_cmd; | |
| _. base_cmd ::= MONITOR monitor_cmd; | |
| _. base_cmd ::= DESCRIBE describe_cmd; | |
| _. add_cmd ::= TABLE table_spec; | |
| _. add_cmd ::= TABLE table_spec table_block_alloc; | |
| _. add_cmd ::= CHAIN chain_spec; | |
| _. add_cmd ::= CHAIN chain_spec chain_block_alloc; | |
| _. add_cmd ::= RULE rule_position rule; | |
| _. add_cmd ::= rule_position rule; | |
| _. add_cmd ::= SET set_spec set_block_alloc; | |
| _. add_cmd ::= MAP set_spec map_block_alloc; | |
| _. add_cmd ::= ELEMENT set_spec set_block_expr; | |
| _. add_cmd ::= FLOWTABLE flowtable_spec flowtable_block_alloc; | |
| _. add_cmd ::= COUNTER obj_spec; | |
| _. add_cmd ::= COUNTER obj_spec counter_obj counter_config; | |
| _. add_cmd ::= QUOTA obj_spec quota_obj quota_config; | |
| _. add_cmd ::= CT HELPER obj_spec ct_obj_alloc "{" ct_helper_block "}"; | |
| _. add_cmd ::= CT TIMEOUT obj_spec ct_obj_alloc "{" ct_timeout_block "}"; | |
| _. add_cmd ::= CT EXPECTATION obj_spec ct_obj_alloc "{" ct_expect_block "}"; | |
| _. add_cmd ::= LIMIT obj_spec limit_obj limit_config; | |
| _. add_cmd ::= SECMARK obj_spec secmark_obj secmark_config; | |
| _. add_cmd ::= SYNPROXY obj_spec synproxy_obj synproxy_config; | |
| _. replace_cmd ::= RULE ruleid_spec rule; | |
| _. create_cmd ::= TABLE table_spec; | |
| _. create_cmd ::= TABLE table_spec table_block_alloc; | |
| _. create_cmd ::= CHAIN chain_spec; | |
| _. create_cmd ::= CHAIN chain_spec chain_block_alloc; | |
| _. create_cmd ::= SET set_spec set_block_alloc; | |
| _. create_cmd ::= MAP set_spec map_block_alloc; | |
| _. create_cmd ::= ELEMENT set_spec set_block_expr; | |
| _. create_cmd ::= FLOWTABLE flowtable_spec flowtable_block_alloc; | |
| _. create_cmd ::= COUNTER obj_spec; | |
| _. create_cmd ::= COUNTER obj_spec counter_obj counter_config; | |
| _. create_cmd ::= QUOTA obj_spec quota_obj quota_config; | |
| _. create_cmd ::= CT HELPER obj_spec ct_obj_alloc "{" ct_helper_block "}"; | |
| _. create_cmd ::= CT TIMEOUT obj_spec ct_obj_alloc "{" ct_timeout_block "}"; | |
| _. create_cmd ::= CT EXPECTATION obj_spec ct_obj_alloc "{" ct_expect_block "}"; | |
| _. create_cmd ::= LIMIT obj_spec limit_obj limit_config; | |
| _. create_cmd ::= SECMARK obj_spec secmark_obj secmark_config; | |
| _. create_cmd ::= SYNPROXY obj_spec synproxy_obj synproxy_config; | |
| _. insert_cmd ::= RULE rule_position rule; | |
| _. delete_cmd ::= TABLE table_spec; | |
| _. delete_cmd ::= TABLE tableid_spec; | |
| _. delete_cmd ::= CHAIN chain_spec; | |
| _. delete_cmd ::= CHAIN chainid_spec; | |
| _. delete_cmd ::= RULE ruleid_spec; | |
| _. delete_cmd ::= SET set_spec; | |
| _. delete_cmd ::= SET setid_spec; | |
| _. delete_cmd ::= MAP set_spec; | |
| _. delete_cmd ::= ELEMENT set_spec set_block_expr; | |
| _. delete_cmd ::= FLOWTABLE flowtable_spec; | |
| _. delete_cmd ::= FLOWTABLE flowtableid_spec; | |
| _. delete_cmd ::= COUNTER obj_spec; | |
| _. delete_cmd ::= COUNTER objid_spec; | |
| _. delete_cmd ::= QUOTA obj_spec; | |
| _. delete_cmd ::= QUOTA objid_spec; | |
| _. delete_cmd ::= CT ct_obj_type obj_spec ct_obj_alloc; | |
| _. delete_cmd ::= LIMIT obj_spec; | |
| _. delete_cmd ::= LIMIT objid_spec; | |
| _. delete_cmd ::= SECMARK obj_spec; | |
| _. delete_cmd ::= SECMARK objid_spec; | |
| _. delete_cmd ::= SYNPROXY obj_spec; | |
| _. delete_cmd ::= SYNPROXY objid_spec; | |
| _. get_cmd ::= ELEMENT set_spec set_block_expr; | |
| _. list_cmd ::= TABLE table_spec; | |
| _. list_cmd ::= TABLES ruleset_spec; | |
| _. list_cmd ::= CHAIN chain_spec; | |
| _. list_cmd ::= CHAINS ruleset_spec; | |
| _. list_cmd ::= SETS ruleset_spec; | |
| _. list_cmd ::= SETS TABLE table_spec; | |
| _. list_cmd ::= SET set_spec; | |
| _. list_cmd ::= COUNTERS ruleset_spec; | |
| _. list_cmd ::= COUNTERS TABLE table_spec; | |
| _. list_cmd ::= COUNTER obj_spec; | |
| _. list_cmd ::= QUOTAS ruleset_spec; | |
| _. list_cmd ::= QUOTAS TABLE table_spec; | |
| _. list_cmd ::= QUOTA obj_spec; | |
| _. list_cmd ::= LIMITS ruleset_spec; | |
| _. list_cmd ::= LIMITS TABLE table_spec; | |
| _. list_cmd ::= LIMIT obj_spec; | |
| _. list_cmd ::= SECMARKS ruleset_spec; | |
| _. list_cmd ::= SECMARKS TABLE table_spec; | |
| _. list_cmd ::= SECMARK obj_spec; | |
| _. list_cmd ::= SYNPROXYS ruleset_spec; | |
| _. list_cmd ::= SYNPROXYS TABLE table_spec; | |
| _. list_cmd ::= SYNPROXY obj_spec; | |
| _. list_cmd ::= RULESET ruleset_spec; | |
| _. list_cmd ::= FLOW TABLES ruleset_spec; | |
| _. list_cmd ::= FLOW TABLE set_spec; | |
| _. list_cmd ::= METERS ruleset_spec; | |
| _. list_cmd ::= METER set_spec; | |
| _. list_cmd ::= FLOWTABLES ruleset_spec; | |
| _. list_cmd ::= FLOWTABLE flowtable_spec; | |
| _. list_cmd ::= MAPS ruleset_spec; | |
| _. list_cmd ::= MAP set_spec; | |
| _. list_cmd ::= CT ct_obj_type obj_spec; | |
| _. list_cmd ::= CT HELPERS TABLE table_spec; | |
| _. list_cmd ::= CT TIMEOUT TABLE table_spec; | |
| _. list_cmd ::= CT EXPECTATION TABLE table_spec; | |
| _. reset_cmd ::= COUNTERS ruleset_spec; | |
| _. reset_cmd ::= COUNTERS TABLE table_spec; | |
| _. reset_cmd ::= COUNTER obj_spec; | |
| _. reset_cmd ::= QUOTAS ruleset_spec; | |
| _. reset_cmd ::= QUOTAS TABLE table_spec; | |
| _. reset_cmd ::= QUOTA obj_spec; | |
| _. flush_cmd ::= TABLE table_spec; | |
| _. flush_cmd ::= CHAIN chain_spec; | |
| _. flush_cmd ::= SET set_spec; | |
| _. flush_cmd ::= MAP set_spec; | |
| _. flush_cmd ::= FLOW TABLE set_spec; | |
| _. flush_cmd ::= METER set_spec; | |
| _. flush_cmd ::= RULESET ruleset_spec; | |
| _. rename_cmd ::= CHAIN chain_spec identifier; | |
| _. import_cmd ::= RULESET markup_format; | |
| _. import_cmd ::= markup_format; | |
| _. export_cmd ::= RULESET markup_format; | |
| _. export_cmd ::= markup_format; | |
| _. monitor_cmd ::= monitor_event monitor_object monitor_format; | |
| _. monitor_event ::= ; | |
| _. monitor_event ::= STRING; | |
| _. monitor_object ::= ; | |
| _. monitor_object ::= TABLES; | |
| _. monitor_object ::= CHAINS; | |
| _. monitor_object ::= SETS; | |
| _. monitor_object ::= RULES; | |
| _. monitor_object ::= ELEMENTS; | |
| _. monitor_object ::= RULESET; | |
| _. monitor_object ::= TRACE; | |
| _. monitor_format ::= ; | |
| _. monitor_format ::= markup_format; | |
| _. markup_format ::= XML; | |
| _. markup_format ::= JSON; | |
| _. markup_format ::= VM JSON; | |
| _. describe_cmd ::= primary_expr; | |
| _. table_block_alloc ::= ; | |
| _. table_options ::= FLAGS STRING; | |
| _. table_block ::= ; | |
| _. table_block ::= table_block common_block; | |
| _. table_block ::= table_block stmt_separator; | |
| _. table_block ::= table_block table_options stmt_separator; | |
| _. table_block ::= table_block CHAIN chain_identifier; | |
| _. table_block ::= table_block SET set_identifier; | |
| _. table_block ::= table_block MAP set_identifier; | |
| _. table_block ::= table_block FLOWTABLE flowtable_identifier; | |
| _. table_block ::= table_block COUNTER obj_identifier; | |
| _. table_block ::= table_block QUOTA obj_identifier; | |
| _. table_block ::= table_block CT HELPER obj_identifier obj_block_alloc "{" ct_helper_block "}" stmt_separator; | |
| _. table_block ::= table_block CT TIMEOUT obj_identifier obj_block_alloc "{" ct_timeout_block "}" stmt_separator; | |
| _. table_block ::= table_block CT EXPECTATION obj_identifier obj_block_alloc "{" ct_expect_block "}" stmt_separator; | |
| _. table_block ::= table_block LIMIT obj_identifier; | |
| _. table_block ::= table_block SECMARK obj_identifier; | |
| _. table_block ::= table_block SYNPROXY obj_identifier; | |
| _. chain_block_alloc ::= ; | |
| _. chain_block ::= ; | |
| _. chain_block ::= chain_block common_block; | |
| _. chain_block ::= chain_block stmt_separator; | |
| _. chain_block ::= chain_block hook_spec stmt_separator; | |
| _. chain_block ::= chain_block policy_spec stmt_separator; | |
| _. chain_block ::= chain_block flags_spec stmt_separator; | |
| _. chain_block ::= chain_block rule stmt_separator; | |
| _. typeof_expr ::= primary_expr; | |
| _. typeof_expr ::= typeof_expr DOT primary_expr; | |
| _. set_block_alloc ::= ; | |
| _. set_block ::= ; | |
| _. set_block ::= set_block common_block; | |
| _. set_block ::= set_block stmt_separator; | |
| _. set_block ::= set_block TYPE data_type_expr stmt_separator; | |
| _. set_block ::= set_block TYPEOF typeof_expr stmt_separator; | |
| _. set_block ::= set_block FLAGS set_flag_list stmt_separator; | |
| _. set_block ::= set_block TIMEOUT time_spec stmt_separator; | |
| _. set_block ::= set_block GC_INTERVAL time_spec stmt_separator; | |
| _. set_block ::= set_block ELEMENTS "=" set_block_expr; | |
| _. set_block ::= set_block AUTOMERGE; | |
| _. set_block ::= set_block set_mechanism stmt_separator; | |
| _. set_block_expr ::= set_expr; | |
| _. set_block_expr ::= variable_expr; | |
| _. set_flag_list ::= set_flag_list COMMA set_flag; | |
| _. set_flag_list ::= set_flag; | |
| _. set_flag ::= CONSTANT; | |
| _. set_flag ::= INTERVAL; | |
| _. set_flag ::= TIMEOUT; | |
| _. set_flag ::= DYNAMIC; | |
| _. map_block_alloc ::= ; | |
| _. map_block ::= ; | |
| _. map_block ::= map_block common_block; | |
| _. map_block ::= map_block stmt_separator; | |
| _. map_block ::= map_block TIMEOUT time_spec stmt_separator; | |
| _. map_block ::= map_block TYPE; | |
| _. map_block ::= map_block TYPEOF; | |
| _. map_block ::= map_block TYPE; | |
| _. map_block ::= map_block TYPE; | |
| _. map_block ::= map_block TYPE; | |
| _. map_block ::= map_block TYPE; | |
| _. map_block ::= map_block FLAGS set_flag_list stmt_separator; | |
| _. map_block ::= map_block ELEMENTS "=" set_block_expr; | |
| _. map_block ::= map_block set_mechanism stmt_separator; | |
| _. set_mechanism ::= POLICY set_policy_spec; | |
| _. set_mechanism ::= SIZE NUM; | |
| _. set_policy_spec ::= PERFORMANCE; | |
| _. set_policy_spec ::= MEMORY; | |
| _. flowtable_block_alloc ::= ; | |
| _. flowtable_block ::= ; | |
| _. flowtable_block ::= flowtable_block common_block; | |
| _. flowtable_block ::= flowtable_block stmt_separator; | |
| _. flowtable_block ::= flowtable_block HOOK STRING prio_spec stmt_separator; | |
| _. flowtable_block ::= flowtable_block DEVICES "=" flowtable_expr stmt_separator; | |
| _. flowtable_expr ::= "{" flowtable_list_expr "}"; | |
| _. flowtable_list_expr ::= flowtable_expr_member; | |
| _. flowtable_list_expr ::= flowtable_list_expr COMMA flowtable_expr_member; | |
| _. flowtable_list_expr ::= flowtable_list_expr COMMA opt_newline; | |
| _. flowtable_expr_member ::= STRING; | |
| _. data_type_atom_expr ::= type_identifier; | |
| _. data_type_atom_expr ::= TIME; | |
| _. data_type_expr ::= data_type_atom_expr; | |
| _. data_type_expr ::= data_type_expr DOT data_type_atom_expr; | |
| _. obj_block_alloc ::= ; | |
| _. counter_block ::= ; | |
| _. counter_block ::= counter_block common_block; | |
| _. counter_block ::= counter_block stmt_separator; | |
| _. counter_block ::= counter_block counter_config; | |
| _. quota_block ::= ; | |
| _. quota_block ::= quota_block common_block; | |
| _. quota_block ::= quota_block stmt_separator; | |
| _. quota_block ::= quota_block quota_config; | |
| _. ct_helper_block ::= ; | |
| _. ct_helper_block ::= ct_helper_block common_block; | |
| _. ct_helper_block ::= ct_helper_block stmt_separator; | |
| _. ct_helper_block ::= ct_helper_block ct_helper_config; | |
| _. ct_timeout_block ::= ; | |
| _. ct_timeout_block ::= ct_timeout_block common_block; | |
| _. ct_timeout_block ::= ct_timeout_block stmt_separator; | |
| _. ct_timeout_block ::= ct_timeout_block ct_timeout_config; | |
| _. ct_expect_block ::= ; | |
| _. ct_expect_block ::= ct_expect_block common_block; | |
| _. ct_expect_block ::= ct_expect_block stmt_separator; | |
| _. ct_expect_block ::= ct_expect_block ct_expect_config; | |
| _. limit_block ::= ; | |
| _. limit_block ::= limit_block common_block; | |
| _. limit_block ::= limit_block stmt_separator; | |
| _. limit_block ::= limit_block limit_config; | |
| _. secmark_block ::= ; | |
| _. secmark_block ::= secmark_block common_block; | |
| _. secmark_block ::= secmark_block stmt_separator; | |
| _. secmark_block ::= secmark_block secmark_config; | |
| _. synproxy_block ::= ; | |
| _. synproxy_block ::= synproxy_block common_block; | |
| _. synproxy_block ::= synproxy_block stmt_separator; | |
| _. synproxy_block ::= synproxy_block synproxy_config; | |
| _. type_identifier ::= STRING; | |
| _. type_identifier ::= MARK; | |
| _. type_identifier ::= DSCP; | |
| _. type_identifier ::= ECN; | |
| _. type_identifier ::= CLASSID; | |
| _. hook_spec ::= TYPE STRING HOOK STRING dev_spec prio_spec; | |
| _. prio_spec ::= PRIORITY extended_prio_spec; | |
| _. extended_prio_name ::= OUT; | |
| _. extended_prio_name ::= STRING; | |
| _. extended_prio_spec ::= int_num; | |
| _. extended_prio_spec ::= variable_expr; | |
| _. extended_prio_spec ::= extended_prio_name; | |
| _. extended_prio_spec ::= extended_prio_name PLUS NUM; | |
| _. extended_prio_spec ::= extended_prio_name DASH NUM; | |
| _. int_num ::= NUM; | |
| _. int_num ::= DASH NUM; | |
| _. dev_spec ::= DEVICE string; | |
| _. dev_spec ::= DEVICES "=" flowtable_expr; | |
| _. dev_spec ::= ; | |
| _. flags_spec ::= FLAGS OFFLOAD; | |
| _. policy_spec ::= POLICY policy_expr; | |
| _. policy_expr ::= variable_expr; | |
| _. policy_expr ::= chain_policy; | |
| _. chain_policy ::= ACCEPT; | |
| _. chain_policy ::= DROP; | |
| _. identifier ::= STRING; | |
| _. string ::= STRING; | |
| _. string ::= QUOTED_STRING; | |
| _. string ::= ASTERISK_STRING; | |
| _. time_spec ::= STRING; | |
| _. family_spec ::= ; | |
| _. family_spec ::= family_spec_explicit; | |
| _. family_spec_explicit ::= IP; | |
| _. family_spec_explicit ::= IP6; | |
| _. family_spec_explicit ::= INET; | |
| _. family_spec_explicit ::= ARP; | |
| _. family_spec_explicit ::= BRIDGE; | |
| _. family_spec_explicit ::= NETDEV; | |
| _. table_spec ::= family_spec identifier; | |
| _. tableid_spec ::= family_spec HANDLE NUM; | |
| _. chain_spec ::= table_spec identifier; | |
| _. chainid_spec ::= table_spec HANDLE NUM; | |
| _. chain_identifier ::= identifier; | |
| _. set_spec ::= table_spec identifier; | |
| _. setid_spec ::= table_spec HANDLE NUM; | |
| _. set_identifier ::= identifier; | |
| _. flowtable_spec ::= table_spec identifier; | |
| _. flowtableid_spec ::= table_spec HANDLE NUM; | |
| _. flowtable_identifier ::= identifier; | |
| _. obj_spec ::= table_spec identifier; | |
| _. objid_spec ::= table_spec HANDLE NUM; | |
| _. obj_identifier ::= identifier; | |
| _. handle_spec ::= HANDLE NUM; | |
| _. position_spec ::= POSITION NUM; | |
| _. index_spec ::= INDEX NUM; | |
| _. rule_position ::= chain_spec; | |
| _. rule_position ::= chain_spec position_spec; | |
| _. rule_position ::= chain_spec handle_spec; | |
| _. rule_position ::= chain_spec index_spec; | |
| _. ruleid_spec ::= chain_spec handle_spec; | |
| _. comment_spec ::= COMMENT string; | |
| _. ruleset_spec ::= ; | |
| _. ruleset_spec ::= family_spec_explicit; | |
| _. rule ::= rule_alloc; | |
| _. rule ::= rule_alloc comment_spec; | |
| _. rule_alloc ::= stmt_list; | |
| _. stmt_list ::= stmt; | |
| _. stmt_list ::= stmt_list stmt; | |
| _. stateful_stmt ::= counter_stmt; | |
| _. stateful_stmt ::= limit_stmt; | |
| _. stateful_stmt ::= quota_stmt; | |
| _. stateful_stmt ::= connlimit_stmt; | |
| _. stmt ::= verdict_stmt; | |
| _. stmt ::= match_stmt; | |
| _. stmt ::= meter_stmt; | |
| _. stmt ::= payload_stmt; | |
| _. stmt ::= stateful_stmt; | |
| _. stmt ::= meta_stmt; | |
| _. stmt ::= log_stmt; | |
| _. stmt ::= reject_stmt; | |
| _. stmt ::= nat_stmt; | |
| _. stmt ::= tproxy_stmt; | |
| _. stmt ::= queue_stmt; | |
| _. stmt ::= ct_stmt; | |
| _. stmt ::= masq_stmt; | |
| _. stmt ::= redir_stmt; | |
| _. stmt ::= dup_stmt; | |
| _. stmt ::= fwd_stmt; | |
| _. stmt ::= set_stmt; | |
| _. stmt ::= map_stmt; | |
| _. stmt ::= synproxy_stmt; | |
| _. verdict_stmt ::= verdict_expr; | |
| _. verdict_stmt ::= verdict_map_stmt; | |
| _. verdict_map_stmt ::= concat_expr VMAP verdict_map_expr; | |
| _. verdict_map_expr ::= "{" verdict_map_list_expr "}"; | |
| _. verdict_map_expr ::= set_ref_expr; | |
| _. verdict_map_list_expr ::= verdict_map_list_member_expr; | |
| _. verdict_map_list_expr ::= verdict_map_list_expr COMMA verdict_map_list_member_expr; | |
| _. verdict_map_list_expr ::= verdict_map_list_expr COMMA opt_newline; | |
| _. verdict_map_list_member_expr ::= set_elem_expr COLON verdict_expr opt_newline; | |
| _. connlimit_stmt ::= CT COUNT NUM; | |
| _. connlimit_stmt ::= CT COUNT OVER NUM; | |
| _. counter_stmt ::= counter_stmt_alloc; | |
| _. counter_stmt ::= counter_stmt_alloc counter_args; | |
| _. counter_stmt_alloc ::= COUNTER; | |
| _. counter_stmt_alloc ::= COUNTER NAME stmt_expr; | |
| _. counter_args ::= counter_arg; | |
| _. counter_args ::= counter_args counter_arg; | |
| _. counter_arg ::= PACKETS NUM; | |
| _. counter_arg ::= BYTES NUM; | |
| _. log_stmt ::= log_stmt_alloc; | |
| _. log_stmt ::= log_stmt_alloc log_args; | |
| _. log_stmt_alloc ::= LOG; | |
| _. log_args ::= log_arg; | |
| _. log_args ::= log_args log_arg; | |
| _. log_arg ::= PREFIX string; | |
| _. log_arg ::= GROUP NUM; | |
| _. log_arg ::= SNAPLEN NUM; | |
| _. log_arg ::= QUEUE_THRESHOLD NUM; | |
| _. log_arg ::= LEVEL level_type; | |
| _. log_arg ::= FLAGS log_flags; | |
| _. level_type ::= string; | |
| _. log_flags ::= TCP log_flags_tcp; | |
| _. log_flags ::= IP OPTIONS; | |
| _. log_flags ::= SKUID; | |
| _. log_flags ::= ETHER; | |
| _. log_flags ::= ALL; | |
| _. log_flags_tcp ::= log_flags_tcp COMMA log_flag_tcp; | |
| _. log_flags_tcp ::= log_flag_tcp; | |
| _. log_flag_tcp ::= SEQUENCE; | |
| _. log_flag_tcp ::= OPTIONS; | |
| _. limit_stmt ::= LIMIT RATE limit_mode NUM SLASH time_unit limit_burst_pkts; | |
| _. limit_stmt ::= LIMIT RATE limit_mode NUM STRING limit_burst_bytes; | |
| _. limit_stmt ::= LIMIT NAME stmt_expr; | |
| _. quota_mode ::= OVER; | |
| _. quota_mode ::= UNTIL; | |
| _. quota_mode ::= ; | |
| _. quota_unit ::= BYTES; | |
| _. quota_unit ::= STRING; | |
| _. quota_used ::= ; | |
| _. quota_used ::= USED NUM quota_unit; | |
| _. quota_stmt ::= QUOTA quota_mode NUM quota_unit quota_used; | |
| _. quota_stmt ::= QUOTA NAME stmt_expr; | |
| _. limit_mode ::= OVER; | |
| _. limit_mode ::= UNTIL; | |
| _. limit_mode ::= ; | |
| _. limit_burst_pkts ::= ; | |
| _. limit_burst_pkts ::= BURST NUM PACKETS; | |
| _. limit_burst_bytes ::= ; | |
| _. limit_burst_bytes ::= BURST NUM BYTES; | |
| _. limit_burst_bytes ::= BURST NUM STRING; | |
| _. time_unit ::= SECOND; | |
| _. time_unit ::= MINUTE; | |
| _. time_unit ::= HOUR; | |
| _. time_unit ::= DAY; | |
| _. time_unit ::= WEEK; | |
| _. reject_stmt ::= reject_stmt_alloc reject_opts; | |
| _. reject_stmt_alloc ::= REJECT; | |
| _. reject_opts ::= ; | |
| _. reject_opts ::= WITH ICMP TYPE STRING; | |
| _. reject_opts ::= WITH ICMP6 TYPE STRING; | |
| _. reject_opts ::= WITH ICMPX TYPE STRING; | |
| _. reject_opts ::= WITH TCP RESET; | |
| _. nat_stmt ::= nat_stmt_alloc nat_stmt_args; | |
| _. nat_stmt_alloc ::= SNAT; | |
| _. nat_stmt_alloc ::= DNAT; | |
| _. tproxy_stmt ::= TPROXY TO stmt_expr; | |
| _. tproxy_stmt ::= TPROXY nf_key_proto TO stmt_expr; | |
| _. tproxy_stmt ::= TPROXY TO COLON stmt_expr; | |
| _. tproxy_stmt ::= TPROXY TO stmt_expr COLON stmt_expr; | |
| _. tproxy_stmt ::= TPROXY nf_key_proto TO stmt_expr COLON stmt_expr; | |
| _. tproxy_stmt ::= TPROXY nf_key_proto TO COLON stmt_expr; | |
| _. synproxy_stmt ::= synproxy_stmt_alloc; | |
| _. synproxy_stmt ::= synproxy_stmt_alloc synproxy_args; | |
| _. synproxy_stmt_alloc ::= SYNPROXY; | |
| _. synproxy_stmt_alloc ::= SYNPROXY NAME stmt_expr; | |
| _. synproxy_args ::= synproxy_arg; | |
| _. synproxy_args ::= synproxy_args synproxy_arg; | |
| _. synproxy_arg ::= MSS NUM; | |
| _. synproxy_arg ::= WSCALE NUM; | |
| _. synproxy_arg ::= TIMESTAMP; | |
| _. synproxy_arg ::= SACKPERM; | |
| _. synproxy_config ::= MSS NUM WSCALE NUM synproxy_ts synproxy_sack; | |
| _. synproxy_config ::= MSS NUM stmt_separator WSCALE NUM stmt_separator synproxy_ts synproxy_sack; | |
| _. synproxy_obj ::= ; | |
| _. synproxy_ts ::= ; | |
| _. synproxy_ts ::= TIMESTAMP; | |
| _. synproxy_sack ::= ; | |
| _. synproxy_sack ::= SACKPERM; | |
| _. primary_stmt_expr ::= symbol_expr; | |
| _. primary_stmt_expr ::= integer_expr; | |
| _. primary_stmt_expr ::= boolean_expr; | |
| _. primary_stmt_expr ::= meta_expr; | |
| _. primary_stmt_expr ::= rt_expr; | |
| _. primary_stmt_expr ::= ct_expr; | |
| _. primary_stmt_expr ::= numgen_expr; | |
| _. primary_stmt_expr ::= hash_expr; | |
| _. primary_stmt_expr ::= payload_expr; | |
| _. primary_stmt_expr ::= keyword_expr; | |
| _. primary_stmt_expr ::= socket_expr; | |
| _. primary_stmt_expr ::= osf_expr; | |
| _. primary_stmt_expr ::= "(" basic_stmt_expr ")"; | |
| _. shift_stmt_expr ::= primary_stmt_expr; | |
| _. shift_stmt_expr ::= shift_stmt_expr LSHIFT primary_stmt_expr; | |
| _. shift_stmt_expr ::= shift_stmt_expr RSHIFT primary_stmt_expr; | |
| _. and_stmt_expr ::= shift_stmt_expr; | |
| _. and_stmt_expr ::= and_stmt_expr AMPERSAND shift_stmt_expr; | |
| _. exclusive_or_stmt_expr ::= and_stmt_expr; | |
| _. exclusive_or_stmt_expr ::= exclusive_or_stmt_expr CARET and_stmt_expr; | |
| _. inclusive_or_stmt_expr ::= exclusive_or_stmt_expr; | |
| _. inclusive_or_stmt_expr ::= inclusive_or_stmt_expr "|" exclusive_or_stmt_expr; | |
| _. basic_stmt_expr ::= inclusive_or_stmt_expr; | |
| _. concat_stmt_expr ::= basic_stmt_expr; | |
| _. concat_stmt_expr ::= concat_stmt_expr DOT primary_stmt_expr; | |
| _. map_stmt_expr_set ::= set_expr; | |
| _. map_stmt_expr_set ::= set_ref_expr; | |
| _. map_stmt_expr ::= concat_stmt_expr MAP map_stmt_expr_set; | |
| _. map_stmt_expr ::= concat_stmt_expr; | |
| _. prefix_stmt_expr ::= basic_stmt_expr SLASH NUM; | |
| _. range_stmt_expr ::= basic_stmt_expr DASH basic_stmt_expr; | |
| _. wildcard_expr ::= ASTERISK; | |
| _. multiton_stmt_expr ::= prefix_stmt_expr; | |
| _. multiton_stmt_expr ::= range_stmt_expr; | |
| _. multiton_stmt_expr ::= wildcard_expr; | |
| _. stmt_expr ::= map_stmt_expr; | |
| _. stmt_expr ::= multiton_stmt_expr; | |
| _. stmt_expr ::= list_stmt_expr; | |
| _. nat_stmt_args ::= stmt_expr; | |
| _. nat_stmt_args ::= TO stmt_expr; | |
| _. nat_stmt_args ::= nf_key_proto TO stmt_expr; | |
| _. nat_stmt_args ::= stmt_expr COLON stmt_expr; | |
| _. nat_stmt_args ::= TO stmt_expr COLON stmt_expr; | |
| _. nat_stmt_args ::= nf_key_proto TO stmt_expr COLON stmt_expr; | |
| _. nat_stmt_args ::= COLON stmt_expr; | |
| _. nat_stmt_args ::= TO COLON stmt_expr; | |
| _. nat_stmt_args ::= nat_stmt_args nf_nat_flags; | |
| _. nat_stmt_args ::= nf_key_proto ADDR DOT PORT TO stmt_expr; | |
| _. masq_stmt ::= masq_stmt_alloc masq_stmt_args; | |
| _. masq_stmt ::= masq_stmt_alloc; | |
| _. masq_stmt_alloc ::= MASQUERADE; | |
| _. masq_stmt_args ::= TO COLON stmt_expr; | |
| _. masq_stmt_args ::= TO COLON stmt_expr nf_nat_flags; | |
| _. masq_stmt_args ::= nf_nat_flags; | |
| _. redir_stmt ::= redir_stmt_alloc redir_stmt_arg; | |
| _. redir_stmt ::= redir_stmt_alloc; | |
| _. redir_stmt_alloc ::= REDIRECT; | |
| _. redir_stmt_arg ::= TO stmt_expr; | |
| _. redir_stmt_arg ::= TO COLON stmt_expr; | |
| _. redir_stmt_arg ::= nf_nat_flags; | |
| _. redir_stmt_arg ::= TO stmt_expr nf_nat_flags; | |
| _. redir_stmt_arg ::= TO COLON stmt_expr nf_nat_flags; | |
| _. dup_stmt ::= DUP TO stmt_expr; | |
| _. dup_stmt ::= DUP TO stmt_expr DEVICE stmt_expr; | |
| _. fwd_stmt ::= FWD TO stmt_expr; | |
| _. fwd_stmt ::= FWD nf_key_proto TO stmt_expr DEVICE stmt_expr; | |
| _. nf_nat_flags ::= nf_nat_flag; | |
| _. nf_nat_flags ::= nf_nat_flags COMMA nf_nat_flag; | |
| _. nf_nat_flag ::= RANDOM; | |
| _. nf_nat_flag ::= FULLY_RANDOM; | |
| _. nf_nat_flag ::= PERSISTENT; | |
| _. queue_stmt ::= queue_stmt_alloc; | |
| _. queue_stmt ::= queue_stmt_alloc queue_stmt_args; | |
| _. queue_stmt_alloc ::= QUEUE; | |
| _. queue_stmt_args ::= queue_stmt_arg; | |
| _. queue_stmt_args ::= queue_stmt_args queue_stmt_arg; | |
| _. queue_stmt_arg ::= QUEUENUM stmt_expr; | |
| _. queue_stmt_arg ::= queue_stmt_flags; | |
| _. queue_stmt_flags ::= queue_stmt_flag; | |
| _. queue_stmt_flags ::= queue_stmt_flags COMMA queue_stmt_flag; | |
| _. queue_stmt_flag ::= BYPASS; | |
| _. queue_stmt_flag ::= FANOUT; | |
| _. set_elem_expr_stmt ::= set_elem_expr_stmt_alloc; | |
| _. set_elem_expr_stmt ::= set_elem_expr_stmt_alloc set_elem_options; | |
| _. set_elem_expr_stmt_alloc ::=; | |
| _. set_stmt ::= SET set_stmt_op set_elem_expr_stmt set_ref_expr; | |
| _. set_stmt ::= set_stmt_op set_ref_expr "{" set_elem_expr_stmt "}"; | |
| _. set_stmt ::= set_stmt_op set_ref_expr "{" set_elem_expr_stmt stateful_stmt "}"; | |
| _. set_stmt_op ::= ADD; | |
| _. set_stmt_op ::= UPDATE; | |
| _. set_stmt_op ::= DELETE; | |
| _. map_stmt ::= set_stmt_op set_ref_expr "{" set_elem_expr_stmt COLON set_elem_expr_stmt "}"; | |
| _. map_stmt ::= set_stmt_op set_ref_expr "{" set_elem_expr_stmt stateful_stmt COLON set_elem_expr_stmt "}"; | |
| _. meter_stmt ::= flow_stmt_legacy_alloc flow_stmt_opts "{" meter_key_expr stmt "}"; | |
| _. meter_stmt ::= meter_stmt_alloc; | |
| _. flow_stmt_legacy_alloc ::= FLOW; | |
| _. flow_stmt_opts ::= flow_stmt_opt; | |
| _. flow_stmt_opts ::= flow_stmt_opts flow_stmt_opt; | |
| _. flow_stmt_opt ::= TABLE identifier; | |
| _. meter_stmt_alloc ::= METER identifier "{" meter_key_expr stmt "}"; | |
| _. meter_stmt_alloc ::= METER identifier SIZE NUM "{" meter_key_expr stmt "}"; | |
| _. match_stmt ::= relational_expr; | |
| _. variable_expr ::= "$" identifier; | |
| _. symbol_expr ::= variable_expr; | |
| _. symbol_expr ::= string; | |
| _. set_ref_expr ::= set_ref_symbol_expr; | |
| _. set_ref_expr ::= variable_expr; | |
| _. set_ref_symbol_expr ::= AT identifier; | |
| _. integer_expr ::= NUM; | |
| _. primary_expr ::= symbol_expr; | |
| _. primary_expr ::= integer_expr; | |
| _. primary_expr ::= payload_expr; | |
| _. primary_expr ::= exthdr_expr; | |
| _. primary_expr ::= exthdr_exists_expr; | |
| _. primary_expr ::= meta_expr; | |
| _. primary_expr ::= socket_expr; | |
| _. primary_expr ::= rt_expr; | |
| _. primary_expr ::= ct_expr; | |
| _. primary_expr ::= numgen_expr; | |
| _. primary_expr ::= hash_expr; | |
| _. primary_expr ::= fib_expr; | |
| _. primary_expr ::= osf_expr; | |
| _. primary_expr ::= xfrm_expr; | |
| _. primary_expr ::= "(" basic_expr ")"; | |
| _. fib_expr ::= FIB fib_tuple fib_result; | |
| _. fib_result ::= OIF; | |
| _. fib_result ::= OIFNAME; | |
| _. fib_result ::= TYPE; | |
| _. fib_flag ::= SADDR; | |
| _. fib_flag ::= DADDR; | |
| _. fib_flag ::= MARK; | |
| _. fib_flag ::= IIF; | |
| _. fib_flag ::= OIF; | |
| _. fib_tuple ::= fib_flag DOT fib_tuple; | |
| _. fib_tuple ::= fib_flag; | |
| _. osf_expr ::= OSF osf_ttl HDRVERSION; | |
| _. osf_expr ::= OSF osf_ttl NAME; | |
| _. osf_ttl ::= ; | |
| _. osf_ttl ::= TTL STRING; | |
| _. shift_expr ::= primary_expr; | |
| _. shift_expr ::= shift_expr LSHIFT primary_rhs_expr; | |
| _. shift_expr ::= shift_expr RSHIFT primary_rhs_expr; | |
| _. and_expr ::= shift_expr; | |
| _. and_expr ::= and_expr AMPERSAND shift_rhs_expr; | |
| _. exclusive_or_expr ::= and_expr; | |
| _. exclusive_or_expr ::= exclusive_or_expr CARET and_rhs_expr; | |
| _. inclusive_or_expr ::= exclusive_or_expr; | |
| _. inclusive_or_expr ::= inclusive_or_expr "|" exclusive_or_rhs_expr; | |
| _. basic_expr ::= inclusive_or_expr; | |
| _. concat_expr ::= basic_expr; | |
| _. concat_expr ::= concat_expr DOT basic_expr; | |
| _. prefix_rhs_expr ::= basic_rhs_expr SLASH NUM; | |
| _. range_rhs_expr ::= basic_rhs_expr DASH basic_rhs_expr; | |
| _. multiton_rhs_expr ::= prefix_rhs_expr; | |
| _. multiton_rhs_expr ::= range_rhs_expr; | |
| _. map_expr ::= concat_expr MAP rhs_expr; | |
| _. expr ::= concat_expr; | |
| _. expr ::= set_expr; | |
| _. expr ::= map_expr; | |
| _. set_expr ::= "{" set_list_expr "}"; | |
| _. set_list_expr ::= set_list_member_expr; | |
| _. set_list_expr ::= set_list_expr COMMA set_list_member_expr; | |
| _. set_list_expr ::= set_list_expr COMMA opt_newline; | |
| _. set_list_member_expr ::= opt_newline set_expr opt_newline; | |
| _. set_list_member_expr ::= opt_newline set_elem_expr opt_newline; | |
| _. set_list_member_expr ::= opt_newline set_elem_expr COLON set_rhs_expr opt_newline; | |
| _. meter_key_expr ::= meter_key_expr_alloc; | |
| _. meter_key_expr ::= meter_key_expr_alloc set_elem_options; | |
| _. meter_key_expr_alloc ::= concat_expr; | |
| _. set_elem_expr ::= set_elem_expr_alloc; | |
| _. set_elem_expr ::= set_elem_expr_alloc set_elem_options; | |
| _. set_elem_expr_alloc ::= set_lhs_expr; | |
| _. set_elem_options ::= set_elem_option; | |
| _. set_elem_options ::= set_elem_options set_elem_option; | |
| _. set_elem_option ::= TIMEOUT time_spec; | |
| _. set_elem_option ::= EXPIRES time_spec; | |
| _. set_elem_option ::= comment_spec; | |
| _. set_lhs_expr ::= concat_rhs_expr; | |
| _. set_lhs_expr ::= wildcard_expr; | |
| _. set_rhs_expr ::= concat_rhs_expr; | |
| _. set_rhs_expr ::= verdict_expr; | |
| _. initializer_expr ::= rhs_expr; | |
| _. initializer_expr ::= list_rhs_expr; | |
| _. counter_config ::= PACKETS NUM BYTES NUM; | |
| _. counter_obj ::= ; | |
| _. quota_config ::= quota_mode NUM quota_unit quota_used; | |
| _. quota_obj ::= ; | |
| _. secmark_config ::= string; | |
| _. secmark_obj ::= ; | |
| _. ct_obj_type ::= HELPER; | |
| _. ct_obj_type ::= TIMEOUT; | |
| _. ct_obj_type ::= EXPECTATION; | |
| _. ct_l4protoname ::= TCP; | |
| _. ct_l4protoname ::= UDP; | |
| _. ct_helper_config ::= TYPE QUOTED_STRING PROTOCOL ct_l4protoname stmt_separator; | |
| _. ct_helper_config ::= L3PROTOCOL family_spec_explicit stmt_separator; | |
| _. timeout_states ::= timeout_state; | |
| _. timeout_states ::= timeout_states COMMA timeout_state; | |
| _. timeout_state ::= STRING COLON NUM; | |
| _. ct_timeout_config ::= PROTOCOL ct_l4protoname stmt_separator; | |
| _. ct_timeout_config ::= POLICY "=" "{" timeout_states "}" stmt_separator; | |
| _. ct_timeout_config ::= L3PROTOCOL family_spec_explicit stmt_separator; | |
| _. ct_expect_config ::= PROTOCOL ct_l4protoname stmt_separator; | |
| _. ct_expect_config ::= DPORT NUM stmt_separator; | |
| _. ct_expect_config ::= TIMEOUT time_spec stmt_separator; | |
| _. ct_expect_config ::= SIZE NUM stmt_separator; | |
| _. ct_expect_config ::= L3PROTOCOL family_spec_explicit stmt_separator; | |
| _. ct_obj_alloc ::= ; | |
| _. limit_config ::= RATE limit_mode NUM SLASH time_unit limit_burst_pkts; | |
| _. limit_config ::= RATE limit_mode NUM STRING limit_burst_bytes; | |
| _. limit_obj ::= ; | |
| _. relational_expr ::= expr rhs_expr; | |
| _. relational_expr ::= expr list_rhs_expr; | |
| _. relational_expr ::= expr relational_op rhs_expr; | |
| _. list_rhs_expr ::= basic_rhs_expr COMMA basic_rhs_expr; | |
| _. list_rhs_expr ::= list_rhs_expr COMMA basic_rhs_expr; | |
| _. rhs_expr ::= concat_rhs_expr; | |
| _. rhs_expr ::= wildcard_expr; | |
| _. rhs_expr ::= set_expr; | |
| _. rhs_expr ::= set_ref_symbol_expr; | |
| _. shift_rhs_expr ::= primary_rhs_expr; | |
| _. shift_rhs_expr ::= shift_rhs_expr LSHIFT primary_rhs_expr; | |
| _. shift_rhs_expr ::= shift_rhs_expr RSHIFT primary_rhs_expr; | |
| _. and_rhs_expr ::= shift_rhs_expr; | |
| _. and_rhs_expr ::= and_rhs_expr AMPERSAND shift_rhs_expr; | |
| _. exclusive_or_rhs_expr ::= and_rhs_expr; | |
| _. exclusive_or_rhs_expr ::= exclusive_or_rhs_expr CARET and_rhs_expr; | |
| _. inclusive_or_rhs_expr ::= exclusive_or_rhs_expr; | |
| _. inclusive_or_rhs_expr ::= inclusive_or_rhs_expr "|" exclusive_or_rhs_expr; | |
| _. basic_rhs_expr ::= inclusive_or_rhs_expr; | |
| _. concat_rhs_expr ::= basic_rhs_expr; | |
| _. concat_rhs_expr ::= multiton_rhs_expr; | |
| _. concat_rhs_expr ::= concat_rhs_expr DOT multiton_rhs_expr; | |
| _. concat_rhs_expr ::= concat_rhs_expr DOT basic_rhs_expr; | |
| _. boolean_keys ::= EXISTS; | |
| _. boolean_keys ::= MISSING; | |
| _. boolean_expr ::= boolean_keys; | |
| _. keyword_expr ::= ETHER; | |
| _. keyword_expr ::= IP; | |
| _. keyword_expr ::= IP6; | |
| _. keyword_expr ::= VLAN; | |
| _. keyword_expr ::= ARP; | |
| _. keyword_expr ::= DNAT; | |
| _. keyword_expr ::= SNAT; | |
| _. keyword_expr ::= ECN; | |
| _. keyword_expr ::= RESET; | |
| _. keyword_expr ::= ORIGINAL; | |
| _. keyword_expr ::= REPLY; | |
| _. keyword_expr ::= LABEL; | |
| _. primary_rhs_expr ::= symbol_expr; | |
| _. primary_rhs_expr ::= integer_expr; | |
| _. primary_rhs_expr ::= boolean_expr; | |
| _. primary_rhs_expr ::= keyword_expr; | |
| _. primary_rhs_expr ::= TCP; | |
| _. primary_rhs_expr ::= UDP; | |
| _. primary_rhs_expr ::= UDPLITE; | |
| _. primary_rhs_expr ::= ESP; | |
| _. primary_rhs_expr ::= AH; | |
| _. primary_rhs_expr ::= ICMP; | |
| _. primary_rhs_expr ::= IGMP; | |
| _. primary_rhs_expr ::= ICMP6; | |
| _. primary_rhs_expr ::= COMP; | |
| _. primary_rhs_expr ::= DCCP; | |
| _. primary_rhs_expr ::= SCTP; | |
| _. primary_rhs_expr ::= REDIRECT; | |
| _. primary_rhs_expr ::= "(" basic_rhs_expr ")"; | |
| _. relational_op ::= EQ; | |
| _. relational_op ::= NEQ; | |
| _. relational_op ::= LT; | |
| _. relational_op ::= GT; | |
| _. relational_op ::= GTE; | |
| _. relational_op ::= LTE; | |
| _. verdict_expr ::= ACCEPT; | |
| _. verdict_expr ::= DROP; | |
| _. verdict_expr ::= CONTINUE; | |
| _. verdict_expr ::= JUMP chain_expr; | |
| _. verdict_expr ::= GOTO chain_expr; | |
| _. verdict_expr ::= RETURN; | |
| _. chain_expr ::= variable_expr; | |
| _. chain_expr ::= identifier; | |
| _. meta_expr ::= META meta_key; | |
| _. meta_expr ::= meta_key_unqualified; | |
| _. meta_expr ::= META STRING; | |
| _. meta_key ::= meta_key_qualified; | |
| _. meta_key ::= meta_key_unqualified; | |
| _. meta_key_qualified ::= LENGTH; | |
| _. meta_key_qualified ::= PROTOCOL; | |
| _. meta_key_qualified ::= PRIORITY; | |
| _. meta_key_qualified ::= RANDOM; | |
| _. meta_key_qualified ::= SECMARK; | |
| _. meta_key_unqualified ::= MARK; | |
| _. meta_key_unqualified ::= IIF; | |
| _. meta_key_unqualified ::= IIFNAME; | |
| _. meta_key_unqualified ::= IIFTYPE; | |
| _. meta_key_unqualified ::= OIF; | |
| _. meta_key_unqualified ::= OIFNAME; | |
| _. meta_key_unqualified ::= OIFTYPE; | |
| _. meta_key_unqualified ::= SKUID; | |
| _. meta_key_unqualified ::= SKGID; | |
| _. meta_key_unqualified ::= NFTRACE; | |
| _. meta_key_unqualified ::= RTCLASSID; | |
| _. meta_key_unqualified ::= IBRIPORT; | |
| _. meta_key_unqualified ::= OBRIPORT; | |
| _. meta_key_unqualified ::= IBRIDGENAME; | |
| _. meta_key_unqualified ::= OBRIDGENAME; | |
| _. meta_key_unqualified ::= PKTTYPE; | |
| _. meta_key_unqualified ::= CPU; | |
| _. meta_key_unqualified ::= IIFGROUP; | |
| _. meta_key_unqualified ::= OIFGROUP; | |
| _. meta_key_unqualified ::= CGROUP; | |
| _. meta_key_unqualified ::= IPSEC; | |
| _. meta_key_unqualified ::= TIME; | |
| _. meta_key_unqualified ::= DAY; | |
| _. meta_key_unqualified ::= HOUR; | |
| _. meta_stmt ::= META meta_key SET stmt_expr; | |
| _. meta_stmt ::= meta_key_unqualified SET stmt_expr; | |
| _. meta_stmt ::= META STRING SET stmt_expr; | |
| _. meta_stmt ::= NOTRACK; | |
| _. meta_stmt ::= FLOW OFFLOAD AT string; | |
| _. meta_stmt ::= FLOW ADD AT string; | |
| _. socket_expr ::= SOCKET socket_key; | |
| _. socket_key ::= TRANSPARENT; | |
| _. socket_key ::= MARK; | |
| _. offset_opt ::= ; | |
| _. offset_opt ::= OFFSET NUM; | |
| _. numgen_type ::= INC; | |
| _. numgen_type ::= RANDOM; | |
| _. numgen_expr ::= NUMGEN numgen_type MOD NUM offset_opt; | |
| _. xfrm_spnum ::= SPNUM NUM; | |
| _. xfrm_spnum ::=; | |
| _. xfrm_dir ::= IN; | |
| _. xfrm_dir ::= OUT; | |
| _. xfrm_state_key ::= SPI; | |
| _. xfrm_state_key ::= REQID; | |
| _. xfrm_state_proto_key ::= DADDR; | |
| _. xfrm_state_proto_key ::= SADDR; | |
| _. xfrm_expr ::= IPSEC xfrm_dir xfrm_spnum xfrm_state_key; | |
| _. xfrm_expr ::= IPSEC xfrm_dir xfrm_spnum nf_key_proto xfrm_state_proto_key; | |
| _. hash_expr ::= JHASH expr MOD NUM SEED NUM offset_opt; | |
| _. hash_expr ::= JHASH expr MOD NUM offset_opt; | |
| _. hash_expr ::= SYMHASH MOD NUM offset_opt; | |
| _. nf_key_proto ::= IP; | |
| _. nf_key_proto ::= IP6; | |
| _. rt_expr ::= RT rt_key; | |
| _. rt_expr ::= RT nf_key_proto rt_key; | |
| _. rt_key ::= CLASSID; | |
| _. rt_key ::= NEXTHOP; | |
| _. rt_key ::= MTU; | |
| _. rt_key ::= IPSEC; | |
| _. ct_expr ::= CT ct_key; | |
| _. ct_expr ::= CT ct_dir ct_key_dir; | |
| _. ct_expr ::= CT ct_dir ct_key_proto_field; | |
| _. ct_dir ::= ORIGINAL; | |
| _. ct_dir ::= REPLY; | |
| _. ct_key ::= L3PROTOCOL; | |
| _. ct_key ::= PROTOCOL; | |
| _. ct_key ::= MARK; | |
| _. ct_key ::= STATE; | |
| _. ct_key ::= DIRECTION; | |
| _. ct_key ::= STATUS; | |
| _. ct_key ::= EXPIRATION; | |
| _. ct_key ::= HELPER; | |
| _. ct_key ::= SADDR; | |
| _. ct_key ::= DADDR; | |
| _. ct_key ::= PROTO_SRC; | |
| _. ct_key ::= PROTO_DST; | |
| _. ct_key ::= LABEL; | |
| _. ct_key ::= EVENT; | |
| _. ct_key ::= SECMARK; | |
| _. ct_key ::= ct_key_dir_optional; | |
| _. ct_key_dir ::= SADDR; | |
| _. ct_key_dir ::= DADDR; | |
| _. ct_key_dir ::= L3PROTOCOL; | |
| _. ct_key_dir ::= PROTOCOL; | |
| _. ct_key_dir ::= PROTO_SRC; | |
| _. ct_key_dir ::= PROTO_DST; | |
| _. ct_key_dir ::= ct_key_dir_optional; | |
| _. ct_key_proto_field ::= IP SADDR; | |
| _. ct_key_proto_field ::= IP DADDR; | |
| _. ct_key_proto_field ::= IP6 SADDR; | |
| _. ct_key_proto_field ::= IP6 DADDR; | |
| _. ct_key_dir_optional ::= BYTES; | |
| _. ct_key_dir_optional ::= PACKETS; | |
| _. ct_key_dir_optional ::= AVGPKT; | |
| _. ct_key_dir_optional ::= ZONE; | |
| _. symbol_stmt_expr ::= symbol_expr; | |
| _. symbol_stmt_expr ::= keyword_expr; | |
| _. list_stmt_expr ::= symbol_stmt_expr COMMA symbol_stmt_expr; | |
| _. list_stmt_expr ::= list_stmt_expr COMMA symbol_stmt_expr; | |
| _. ct_stmt ::= CT ct_key SET stmt_expr; | |
| _. ct_stmt ::= CT TIMEOUT SET stmt_expr; | |
| _. ct_stmt ::= CT EXPECTATION SET stmt_expr; | |
| _. ct_stmt ::= CT ct_dir ct_key_dir_optional SET stmt_expr; | |
| _. payload_stmt ::= payload_expr SET stmt_expr; | |
| _. payload_expr ::= payload_raw_expr; | |
| _. payload_expr ::= eth_hdr_expr; | |
| _. payload_expr ::= vlan_hdr_expr; | |
| _. payload_expr ::= arp_hdr_expr; | |
| _. payload_expr ::= ip_hdr_expr; | |
| _. payload_expr ::= icmp_hdr_expr; | |
| _. payload_expr ::= igmp_hdr_expr; | |
| _. payload_expr ::= ip6_hdr_expr; | |
| _. payload_expr ::= icmp6_hdr_expr; | |
| _. payload_expr ::= auth_hdr_expr; | |
| _. payload_expr ::= esp_hdr_expr; | |
| _. payload_expr ::= comp_hdr_expr; | |
| _. payload_expr ::= udp_hdr_expr; | |
| _. payload_expr ::= udplite_hdr_expr; | |
| _. payload_expr ::= tcp_hdr_expr; | |
| _. payload_expr ::= dccp_hdr_expr; | |
| _. payload_expr ::= sctp_hdr_expr; | |
| _. payload_expr ::= th_hdr_expr; | |
| _. payload_raw_expr ::= AT payload_base_spec COMMA NUM COMMA NUM; | |
| _. payload_base_spec ::= LL_HDR; | |
| _. payload_base_spec ::= NETWORK_HDR; | |
| _. payload_base_spec ::= TRANSPORT_HDR; | |
| _. eth_hdr_expr ::= ETHER eth_hdr_field; | |
| _. eth_hdr_field ::= SADDR; | |
| _. eth_hdr_field ::= DADDR; | |
| _. eth_hdr_field ::= TYPE; | |
| _. vlan_hdr_expr ::= VLAN vlan_hdr_field; | |
| _. vlan_hdr_field ::= ID; | |
| _. vlan_hdr_field ::= CFI; | |
| _. vlan_hdr_field ::= PCP; | |
| _. vlan_hdr_field ::= TYPE; | |
| _. arp_hdr_expr ::= ARP arp_hdr_field; | |
| _. arp_hdr_field ::= HTYPE; | |
| _. arp_hdr_field ::= PTYPE; | |
| _. arp_hdr_field ::= HLEN; | |
| _. arp_hdr_field ::= PLEN; | |
| _. arp_hdr_field ::= OPERATION; | |
| _. arp_hdr_field ::= SADDR ETHER; | |
| _. arp_hdr_field ::= DADDR ETHER; | |
| _. arp_hdr_field ::= SADDR IP; | |
| _. arp_hdr_field ::= DADDR IP; | |
| _. ip_hdr_expr ::= IP ip_hdr_field; | |
| _. ip_hdr_expr ::= IP OPTION ip_option_type ip_option_field; | |
| _. ip_hdr_expr ::= IP OPTION ip_option_type; | |
| _. ip_hdr_field ::= HDRVERSION; | |
| _. ip_hdr_field ::= HDRLENGTH; | |
| _. ip_hdr_field ::= DSCP; | |
| _. ip_hdr_field ::= ECN; | |
| _. ip_hdr_field ::= LENGTH; | |
| _. ip_hdr_field ::= ID; | |
| _. ip_hdr_field ::= FRAG_OFF; | |
| _. ip_hdr_field ::= TTL; | |
| _. ip_hdr_field ::= PROTOCOL; | |
| _. ip_hdr_field ::= CHECKSUM; | |
| _. ip_hdr_field ::= SADDR; | |
| _. ip_hdr_field ::= DADDR; | |
| _. ip_option_type ::= LSRR; | |
| _. ip_option_type ::= RR; | |
| _. ip_option_type ::= SSRR; | |
| _. ip_option_type ::= RA; | |
| _. ip_option_field ::= TYPE; | |
| _. ip_option_field ::= LENGTH; | |
| _. ip_option_field ::= VALUE; | |
| _. ip_option_field ::= PTR; | |
| _. ip_option_field ::= ADDR; | |
| _. icmp_hdr_expr ::= ICMP icmp_hdr_field; | |
| _. icmp_hdr_field ::= TYPE; | |
| _. icmp_hdr_field ::= CODE; | |
| _. icmp_hdr_field ::= CHECKSUM; | |
| _. icmp_hdr_field ::= ID; | |
| _. icmp_hdr_field ::= SEQUENCE; | |
| _. icmp_hdr_field ::= GATEWAY; | |
| _. icmp_hdr_field ::= MTU; | |
| _. igmp_hdr_expr ::= IGMP igmp_hdr_field; | |
| _. igmp_hdr_field ::= TYPE; | |
| _. igmp_hdr_field ::= CHECKSUM; | |
| _. igmp_hdr_field ::= MRT; | |
| _. igmp_hdr_field ::= GROUP; | |
| _. ip6_hdr_expr ::= IP6 ip6_hdr_field; | |
| _. ip6_hdr_field ::= HDRVERSION; | |
| _. ip6_hdr_field ::= DSCP; | |
| _. ip6_hdr_field ::= ECN; | |
| _. ip6_hdr_field ::= FLOWLABEL; | |
| _. ip6_hdr_field ::= LENGTH; | |
| _. ip6_hdr_field ::= NEXTHDR; | |
| _. ip6_hdr_field ::= HOPLIMIT; | |
| _. ip6_hdr_field ::= SADDR; | |
| _. ip6_hdr_field ::= DADDR; | |
| _. icmp6_hdr_expr ::= ICMP6 icmp6_hdr_field; | |
| _. icmp6_hdr_field ::= TYPE; | |
| _. icmp6_hdr_field ::= CODE; | |
| _. icmp6_hdr_field ::= CHECKSUM; | |
| _. icmp6_hdr_field ::= PPTR; | |
| _. icmp6_hdr_field ::= MTU; | |
| _. icmp6_hdr_field ::= ID; | |
| _. icmp6_hdr_field ::= SEQUENCE; | |
| _. icmp6_hdr_field ::= MAXDELAY; | |
| _. auth_hdr_expr ::= AH auth_hdr_field; | |
| _. auth_hdr_field ::= NEXTHDR; | |
| _. auth_hdr_field ::= HDRLENGTH; | |
| _. auth_hdr_field ::= RESERVED; | |
| _. auth_hdr_field ::= SPI; | |
| _. auth_hdr_field ::= SEQUENCE; | |
| _. esp_hdr_expr ::= ESP esp_hdr_field; | |
| _. esp_hdr_field ::= SPI; | |
| _. esp_hdr_field ::= SEQUENCE; | |
| _. comp_hdr_expr ::= COMP comp_hdr_field; | |
| _. comp_hdr_field ::= NEXTHDR; | |
| _. comp_hdr_field ::= FLAGS; | |
| _. comp_hdr_field ::= CPI; | |
| _. udp_hdr_expr ::= UDP udp_hdr_field; | |
| _. udp_hdr_field ::= SPORT; | |
| _. udp_hdr_field ::= DPORT; | |
| _. udp_hdr_field ::= LENGTH; | |
| _. udp_hdr_field ::= CHECKSUM; | |
| _. udplite_hdr_expr ::= UDPLITE udplite_hdr_field; | |
| _. udplite_hdr_field ::= SPORT; | |
| _. udplite_hdr_field ::= DPORT; | |
| _. udplite_hdr_field ::= CSUMCOV; | |
| _. udplite_hdr_field ::= CHECKSUM; | |
| _. tcp_hdr_expr ::= TCP tcp_hdr_field; | |
| _. tcp_hdr_expr ::= TCP OPTION tcp_hdr_option_type tcp_hdr_option_field; | |
| _. tcp_hdr_expr ::= TCP OPTION tcp_hdr_option_type; | |
| _. tcp_hdr_field ::= SPORT; | |
| _. tcp_hdr_field ::= DPORT; | |
| _. tcp_hdr_field ::= SEQUENCE; | |
| _. tcp_hdr_field ::= ACKSEQ; | |
| _. tcp_hdr_field ::= DOFF; | |
| _. tcp_hdr_field ::= RESERVED; | |
| _. tcp_hdr_field ::= FLAGS; | |
| _. tcp_hdr_field ::= WINDOW; | |
| _. tcp_hdr_field ::= CHECKSUM; | |
| _. tcp_hdr_field ::= URGPTR; | |
| _. tcp_hdr_option_type ::= EOL; | |
| _. tcp_hdr_option_type ::= NOOP; | |
| _. tcp_hdr_option_type ::= MAXSEG; | |
| _. tcp_hdr_option_type ::= WINDOW; | |
| _. tcp_hdr_option_type ::= SACK_PERMITTED; | |
| _. tcp_hdr_option_type ::= SACK; | |
| _. tcp_hdr_option_type ::= SACK0; | |
| _. tcp_hdr_option_type ::= SACK1; | |
| _. tcp_hdr_option_type ::= SACK2; | |
| _. tcp_hdr_option_type ::= SACK3; | |
| _. tcp_hdr_option_type ::= ECHO; | |
| _. tcp_hdr_option_type ::= TIMESTAMP; | |
| _. tcp_hdr_option_field ::= KIND; | |
| _. tcp_hdr_option_field ::= LENGTH; | |
| _. tcp_hdr_option_field ::= SIZE; | |
| _. tcp_hdr_option_field ::= COUNT; | |
| _. tcp_hdr_option_field ::= LEFT; | |
| _. tcp_hdr_option_field ::= RIGHT; | |
| _. tcp_hdr_option_field ::= TSVAL; | |
| _. tcp_hdr_option_field ::= TSECR; | |
| _. dccp_hdr_expr ::= DCCP dccp_hdr_field; | |
| _. dccp_hdr_field ::= SPORT; | |
| _. dccp_hdr_field ::= DPORT; | |
| _. dccp_hdr_field ::= TYPE; | |
| _. sctp_hdr_expr ::= SCTP sctp_hdr_field; | |
| _. sctp_hdr_field ::= SPORT; | |
| _. sctp_hdr_field ::= DPORT; | |
| _. sctp_hdr_field ::= VTAG; | |
| _. sctp_hdr_field ::= CHECKSUM; | |
| _. th_hdr_expr ::= TRANSPORT_HDR th_hdr_field; | |
| _. th_hdr_field ::= SPORT; | |
| _. th_hdr_field ::= DPORT; | |
| _. exthdr_expr ::= hbh_hdr_expr; | |
| _. exthdr_expr ::= rt_hdr_expr; | |
| _. exthdr_expr ::= rt0_hdr_expr; | |
| _. exthdr_expr ::= rt2_hdr_expr; | |
| _. exthdr_expr ::= rt4_hdr_expr; | |
| _. exthdr_expr ::= frag_hdr_expr; | |
| _. exthdr_expr ::= dst_hdr_expr; | |
| _. exthdr_expr ::= mh_hdr_expr; | |
| _. hbh_hdr_expr ::= HBH hbh_hdr_field; | |
| _. hbh_hdr_field ::= NEXTHDR; | |
| _. hbh_hdr_field ::= HDRLENGTH; | |
| _. rt_hdr_expr ::= RT rt_hdr_field; | |
| _. rt_hdr_field ::= NEXTHDR; | |
| _. rt_hdr_field ::= HDRLENGTH; | |
| _. rt_hdr_field ::= TYPE; | |
| _. rt_hdr_field ::= SEG_LEFT; | |
| _. rt0_hdr_expr ::= RT0 rt0_hdr_field; | |
| _. rt0_hdr_field ::= ADDR "[" NUM "]"; | |
| _. rt2_hdr_expr ::= RT2 rt2_hdr_field; | |
| _. rt2_hdr_field ::= ADDR; | |
| _. rt4_hdr_expr ::= RT4 rt4_hdr_field; | |
| _. rt4_hdr_field ::= LAST_ENT; | |
| _. rt4_hdr_field ::= FLAGS; | |
| _. rt4_hdr_field ::= TAG; | |
| _. rt4_hdr_field ::= SID "[" NUM "]"; | |
| _. frag_hdr_expr ::= FRAG frag_hdr_field; | |
| _. frag_hdr_field ::= NEXTHDR; | |
| _. frag_hdr_field ::= RESERVED; | |
| _. frag_hdr_field ::= FRAG_OFF; | |
| _. frag_hdr_field ::= RESERVED2; | |
| _. frag_hdr_field ::= MORE_FRAGMENTS; | |
| _. frag_hdr_field ::= ID; | |
| _. dst_hdr_expr ::= DST dst_hdr_field; | |
| _. dst_hdr_field ::= NEXTHDR; | |
| _. dst_hdr_field ::= HDRLENGTH; | |
| _. mh_hdr_expr ::= MH mh_hdr_field; | |
| _. mh_hdr_field ::= NEXTHDR; | |
| _. mh_hdr_field ::= HDRLENGTH; | |
| _. mh_hdr_field ::= TYPE; | |
| _. mh_hdr_field ::= RESERVED; | |
| _. mh_hdr_field ::= CHECKSUM; | |
| _. exthdr_exists_expr ::= EXTHDR exthdr_key; | |
| _. exthdr_key ::= HBH; | |
| _. exthdr_key ::= RT; | |
| _. exthdr_key ::= FRAG; | |
| _. exthdr_key ::= DST; | |
| _. exthdr_key ::= MH; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment