From 97b5e3506e486219550f20a5a2481d7faeb60726 Mon Sep 17 00:00:00 2001 From: theredcmdcraft <57496807+theredcmdcraft@users.noreply.github.com> Date: Fri, 20 Jun 2025 21:00:25 +0200 Subject: [PATCH] Nftables improvements (#3517) --- runtime/syntax/nftables.yaml | 27 ++++++++++++++++++--------- 1 file changed, 18 insertions(+), 9 deletions(-) diff --git a/runtime/syntax/nftables.yaml b/runtime/syntax/nftables.yaml index a477fade..d1f217ad 100644 --- a/runtime/syntax/nftables.yaml +++ b/runtime/syntax/nftables.yaml @@ -1,20 +1,29 @@ filetype: nftables detect: - filename: "nftables.conf$" + filename: "(nftables\\.(conf|rules)$|nftables(\\.rules)?\\.d/)" header: "^(#!.*/(env +)?nft( |$)|flush +ruleset)" - + rules: - type: "\\b(chain|counter|map|rule|ruleset|set|table)\\b" - - type: "\\b(ether|icmp|icmpv6|icmpx|inet|ip|ip6|ipv4|ipv6|tcp|udp)\\b" - - special: "\\b(elements|hook|policy|priority|type)\\b" - - identifier: "\\b(ct|iif|iifname|meta|oif|oifname|th)\\b" - - statement: "\\b(accept|drop|goto|jump|log|masquerade|reject)\\b" + - type: "\\b(ether|inet|i(cm)?p(x|(v?(4|6))?)|tcp|udp|8021q)\\b" + - special: "\\b(element(s)?|hook|policy|priority|type|state)\\b" + - identifier: "\\b(ct|iif|iifname|meta|oif|oifname|th|dport|sport|saddr|daddr|l4proto)\\b" + - statement: "\\b(accept|drop|goto|jump|log|masquerade|reject|limit|queue)\\b" - preproc: "\\b(add|define|flush|include|delete)\\b" - - symbol: "[-=/:;,@]" - - symbol.operator: "[<>.&|^!]|\\b(and|ge|gt|le|lt|or|xor)\\b" - - constant.string: '([\"]{1})(.*)([\"]{1})' + - symbol.operator: "[<>.&|^!=:;,@]|\\b(and|ge|gt|le|lt|or|xor)\\b" + - constant.string: + start: "\"" + end: "\"" + # Integer Constants + - constant.number: "\\b([0-9]+)\\b" + - constant.number: "\\b(0x[0-9a-fA-F]+)\\b" - identifier.var: "[$@][a-zA-Z_.][a-zA-Z0-9_/.-]*" - comment: "(^|[[:space:]])#([^{].*)?$" - indent-char.whitespace: "[[:space:]]+$" - indent-char: " + +| + +" + - comment: + start: "#" + end: "$" + rules: + - todo: "(TODO|FIXME):?"