From: Florian Westphal <fw@strlen.de>
To: Phil Sutter <phil@nwl.cc>, Florian Westphal <fw@strlen.de>,
netfilter-devel@vger.kernel.org
Subject: Re: [PATCH nft 6/6] src: allow arbitary chain name in implicit rule add case
Date: Thu, 18 Mar 2021 13:37:24 +0100 [thread overview]
Message-ID: <20210318123724.GB22603@breakpoint.cc> (raw)
In-Reply-To: <20210318120019.GH6306@orbyte.nwl.cc>
Phil Sutter <phil@nwl.cc> wrote:
> > Another alternative is to deprecate implicit rule add altogether
> > so users would have to move to 'nft add rule ...'.
>
> Isn't this required for nested syntax? I didn't check, but does your
> arbitrary table/chain name support work also when restoring a ruleset in
> that nested syntax?
Whats 'nested syntax'?
You mean "table bla { chain foo {"?
> Another interesting aspect might be arbitrary set
> names - 'set' is also a valid keyword used in rules, this fact killed my
> approach with start conditions. ;)
Right, arbitrary set names are needed as well, I forgot about them.
It should be possible by using two "set" rules in flex.
One in the INITIAL scope (to handle set bla {), and one in
'rule' or 'expression scope'.
The former would switch to an exclusive start condition (expect
STRING, close condition on '{', just like CHAIN is handled here.
The latter would not change state and just return SET token.
next prev parent reply other threads:[~2021-03-18 12:38 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-03-16 23:40 [PATCH nft 0/6] arbirary table/chain names Florian Westphal
2021-03-16 23:40 ` [PATCH nft 1/6] scanner: add support for scope nesting Florian Westphal
2021-03-16 23:40 ` [PATCH nft 2/6] scanner: counter: move to own scope Florian Westphal
2021-03-16 23:40 ` [PATCH nft 3/6] scanner: log: " Florian Westphal
2021-03-16 23:40 ` [PATCH nft 4/6] scanner: support arbitary table names Florian Westphal
2021-03-16 23:40 ` [PATCH nft 5/6] scanner: support arbitrary chain names Florian Westphal
2021-03-16 23:40 ` [PATCH nft 6/6] src: allow arbitary chain name in implicit rule add case Florian Westphal
2021-03-18 12:00 ` Phil Sutter
2021-03-18 12:37 ` Florian Westphal [this message]
2021-03-18 13:51 ` Phil Sutter
2021-03-18 13:20 ` Florian Westphal
2021-03-24 10:58 ` Florian Westphal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210318123724.GB22603@breakpoint.cc \
--to=fw@strlen.de \
--cc=netfilter-devel@vger.kernel.org \
--cc=phil@nwl.cc \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.