From: Florian Westphal <fw@strlen.de>
To: Alexandre Knecht <knecht.alexandre@gmail.com>
Cc: netfilter-devel@vger.kernel.org, Phil Sutter <phil@nwl.cc>
Subject: Re: [nft PATCH v2] parser_json: support handle for rule positioning in JSON add rule
Date: Sun, 2 Nov 2025 13:41:48 +0100 [thread overview]
Message-ID: <aQdRjC4HJmjMStrI@strlen.de> (raw)
In-Reply-To: <CAHAB8WyByEKOKGropjHYFvz=yprJ4B=nS6kV6xyVLm0PWMWbYQ@mail.gmail.com>
Alexandre Knecht <knecht.alexandre@gmail.com> wrote:
Export/import scenario (handles are metadata):
> {"add": {"rule": {"family": "inet", "table": "test", "chain": "c",
> "handle": 4, "expr": [...]}}}
> → Handle 4 is ignored, rule appended
>
> Explicit positioning:
> {"add": {"rule": {"family": "inet", "table": "test", "chain": "c",
> "position": 2, "expr": [...]}}}
> → Rule added after handle 2
>
> What do you think about this approach? I can implement it if you agree it's
> the right direction.
I think its a sensible strategy, yes.
Reactivating the handle is a no-go as it will break existing cases.
Could you also add a test case that validates the various relative
positioning outcomes?
i.e. given:
rule handle 1
rule handle 2
rule handle 3
- check that positinging at 1 results in
rule 1
rule N
rule 2
rule 3
- check that positining at rule 1 results in
rule 1
rule N2
rule N
rule 2
rule 3
- check that positinging at rule 1 will fail
in case that rule was already deleted.
- check that positinging at rule 2 will insert
after handle 2 and not N2.
My only question is how "Position" is treated with insert (instead of
add).
It should NOT be ignored, it should either be rejected outright (and
everywhere its not expected) or it should have different meaning, ie.
prepend (insert occurs before the given handle).
next prev parent reply other threads:[~2025-11-02 12:42 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-10-29 0:30 [nft PATCH] parser_json: support handle for rule positioning in JSON add rule Alexandre Knecht
2025-10-29 11:18 ` Florian Westphal
2025-10-29 22:45 ` Alexandre Knecht
2025-10-29 22:45 ` [nft PATCH v2] parser_json: support handle for rule positioning in JSON add rule Alexandre Knecht
2025-10-30 10:44 ` Florian Westphal
2025-10-30 11:34 ` Florian Westphal
2025-10-30 20:48 ` Alexandre Knecht
2025-11-02 12:41 ` Florian Westphal [this message]
2025-11-04 11:18 ` Phil Sutter
2025-11-06 8:40 ` Alexandre Knecht
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aQdRjC4HJmjMStrI@strlen.de \
--to=fw@strlen.de \
--cc=knecht.alexandre@gmail.com \
--cc=netfilter-devel@vger.kernel.org \
--cc=phil@nwl.cc \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.