[PATCH nft] parser: permit symbolic defines for 'queue num' again

[Florian Westphal <fw@strlen.de>]

WHen I simplified the parser to restrict 'queue num' I forgot that
instead of range and immediate value its also allowed to pass in
a symbolic constant, e.g.

define myq = 0
add rule ... 'queue num $myq bypass'

Allow those as well and add a test case for this.

Fixes: 767f0af82a389 ("parser: restrict queue num expressiveness")
Reported-by: Amish <anon.amish@gmail.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
---
 src/parser_bison.y                                         | 1 +
 tests/shell/testcases/nft-f/0012different_defines_0        | 7 +++++++
 .../testcases/nft-f/dumps/0012different_defines_0.nft      | 5 +++++
 3 files changed, 13 insertions(+)

diff --git a/src/parser_bison.y b/src/parser_bison.y
index 2634b90c559b..2c96ea69d0b2 100644
--- a/src/parser_bison.y
+++ b/src/parser_bison.y
@@ -3793,6 +3793,7 @@ queue_stmt_arg		:	QUEUENUM	queue_stmt_expr_simple
 
 queue_stmt_expr_simple	:	integer_expr
 			|	range_rhs_expr
+			|	symbol_expr
 			;
 
 queue_stmt_expr		:	numgen_expr
diff --git a/tests/shell/testcases/nft-f/0012different_defines_0 b/tests/shell/testcases/nft-f/0012different_defines_0
index 0bdbd1b5f147..fe22858791a1 100755
--- a/tests/shell/testcases/nft-f/0012different_defines_0
+++ b/tests/shell/testcases/nft-f/0012different_defines_0
@@ -14,6 +14,8 @@ define d_ipv4_2 = 10.0.0.2
 define d_ipv6 = fe0::1
 define d_ipv6_2 = fe0::2
 define d_ports = 100-222
+define d_qnum = 0
+define d_qnumr = 1-42
 
 table inet t {
 	chain c {
@@ -29,6 +31,11 @@ table inet t {
 		ip daddr . meta iif vmap { \$d_ipv4 . \$d_iif : accept }
 		tcp dport \$d_ports
 		udp dport vmap { \$d_ports : accept }
+		tcp dport 1 tcp sport 1 meta oifname \"foobar\" queue num \$d_qnum bypass
+		tcp dport 1 tcp sport 1 meta oifname \"foobar\" queue num \$d_qnumr
+		tcp dport 1 tcp sport 1 meta oifname \"foobar\" queue flags bypass,fanout num \$d_qnumr
+		tcp dport 1 tcp sport 1 meta oifname \"foobar\" queue to symhash mod 2
+		tcp dport 1 tcp sport 1 meta oifname \"foobar\" queue flags bypass to jhash tcp dport . tcp sport mod 4
 	}
 }"
 
diff --git a/tests/shell/testcases/nft-f/dumps/0012different_defines_0.nft b/tests/shell/testcases/nft-f/dumps/0012different_defines_0.nft
index 28094387ebed..e690f322436d 100644
--- a/tests/shell/testcases/nft-f/dumps/0012different_defines_0.nft
+++ b/tests/shell/testcases/nft-f/dumps/0012different_defines_0.nft
@@ -12,5 +12,10 @@ table inet t {
 		ip daddr . iif vmap { 10.0.0.0 . "lo" : accept }
 		tcp dport 100-222
 		udp dport vmap { 100-222 : accept }
+		tcp sport 1 tcp dport 1 oifname "foobar" queue flags bypass num 0
+		tcp sport 1 tcp dport 1 oifname "foobar" queue num 1-42
+		tcp sport 1 tcp dport 1 oifname "foobar" queue flags bypass,fanout num 1-42
+		tcp sport 1 tcp dport 1 oifname "foobar" queue to symhash mod 2
+		tcp sport 1 tcp dport 1 oifname "foobar" queue flags bypass to jhash tcp dport . tcp sport mod 4
 	}
 }
-- 
2.31.1