From: Phil Sutter <phil@nwl.cc>
To: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: Eric Leblond <eric@regit.org>,
netfilter-devel@vger.kernel.org, Florian Westphal <fw@strlen.de>
Subject: Re: [nft PATCH 6/7] libnftables: Provide an API for include path handling
Date: Fri, 20 Oct 2017 23:12:51 +0200 [thread overview]
Message-ID: <20171020211251.GL32305@orbyte.nwl.cc> (raw)
In-Reply-To: <20171020191643.GC1600@salvia>
On Fri, Oct 20, 2017 at 09:16:43PM +0200, Pablo Neira Ayuso wrote:
> On Fri, Oct 20, 2017 at 07:16:20PM +0200, Phil Sutter wrote:
> > Hi,
> >
> > On Fri, Oct 20, 2017 at 02:17:00PM +0200, Pablo Neira Ayuso wrote:
> > > On Thu, Oct 19, 2017 at 10:18:46AM +0200, Phil Sutter wrote:
> > [...]
> > > > +int nft_ctx_add_include_path(struct nft_ctx *ctx, const char *path)
> > >
> > > Do we want to accept runtime addition/removal of include paths?
> >
> > Not necessarily, but src/main.c does just that: It calls nft_ctx_new()
> > first, then adds include paths as it parses them from command line.
>
> So it's more like a one time call to set up the include path, right?
> So I think semantically this is just another setter. This _add_ name
> made me think you can keep adding including path one after another
> anytime.
Yes, the API (or specifically, nft_ctx_add_include_path()) allows that.
The only alternative I could think of would be to introduce something
like:
| int nft_ctx_set_include_paths(struct nft_ctx *ctx, const char **paths)
Which means src/main.c would have to take care of populating the char **
array itself in order to later pass it in one go to the setter. Fine
with me, you decide! :)
> > > I mean, I would just make it nft_ctx_set_include_path(), then add an
> > > unsetter, so we simplify this.
> >
> > The counterpart to nft_ctx_add_include_path() is
> > nft_ctx_clear_include_paths(), which just drops all the previously set
> > ones. Does that meet your understanding of an unsetter, or am I missing
> > something?
>
> Do we have a usecase for nft_ctx_clear_include_paths(). If we don't
> - I don't see any at least from my side - I'd prefer, to keep it back.
It's only used in nft_ctx_free() for now, just because it's convenient.
If you don't want to export it (yet), I can make it static so code
readability is kept but it won't be available to applications.
> > The reason why this patch is a bit more complicated is because I wanted
> > to get rid of the hard upper limit of include paths to avoid introducing
> > a getter for number of set include paths or to make it necessary for
> > applications (read: src/main.c) to check what return code
> > nft_ctx_add_include_path() returned to print a reasonable error message.
>
> I'm fine with removing the upper limit, but that is a different thing.
> My only concerns are related to the API we provide to set include
> paths.
OK, cool. So we only have to agree about above items.
Cheers, Phil
next prev parent reply other threads:[~2017-10-20 21:12 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-10-19 8:18 [nft PATCH 0/7] libnftables preparations Phil Sutter
2017-10-19 8:18 ` [nft PATCH 1/7] nft_ctx_free: Fix for wrong argument passed to cache_release Phil Sutter
2017-10-20 12:01 ` Pablo Neira Ayuso
2017-10-19 8:18 ` [nft PATCH 2/7] libnftables: Move library stuff out of main.c Phil Sutter
2017-10-20 12:12 ` Pablo Neira Ayuso
2017-10-20 17:02 ` Phil Sutter
2017-10-20 19:08 ` Pablo Neira Ayuso
2017-10-19 8:18 ` [nft PATCH 3/7] libnftables: Introduce nft_ctx_flush_cache() Phil Sutter
2017-10-20 12:13 ` Pablo Neira Ayuso
2017-10-20 17:05 ` Phil Sutter
2017-10-20 19:10 ` Pablo Neira Ayuso
2017-10-20 21:00 ` Phil Sutter
2017-10-19 8:18 ` [nft PATCH 4/7] cli: Use nft_run_cmd_from_buffer() Phil Sutter
2017-10-20 12:15 ` Pablo Neira Ayuso
2017-10-20 17:10 ` Phil Sutter
2017-10-20 19:18 ` Pablo Neira Ayuso
2017-10-20 21:05 ` Phil Sutter
2017-10-19 8:18 ` [nft PATCH 5/7] libnftables: Introduce nft_ctx_set_dry_run() Phil Sutter
2017-10-19 8:18 ` [nft PATCH 6/7] libnftables: Provide an API for include path handling Phil Sutter
2017-10-20 12:17 ` Pablo Neira Ayuso
2017-10-20 17:16 ` Phil Sutter
2017-10-20 19:16 ` Pablo Neira Ayuso
2017-10-20 21:12 ` Phil Sutter [this message]
2017-10-19 8:18 ` [nft PATCH 7/7] libnftables: Add remaining getters and setters Phil Sutter
2017-10-20 12:18 ` Pablo Neira Ayuso
2017-10-20 16:08 ` Phil Sutter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171020211251.GL32305@orbyte.nwl.cc \
--to=phil@nwl.cc \
--cc=eric@regit.org \
--cc=fw@strlen.de \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.