From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Phil Sutter <phil@nwl.cc>
Cc: netfilter-devel@vger.kernel.org
Subject: Re: [nft PATCH 3/4] xt: Print comment match data as well
Date: Thu, 5 Feb 2026 02:35:29 +0100 [thread overview]
Message-ID: <aYPz4TwVBQm3Fb0k@chamomile> (raw)
In-Reply-To: <20260127222916.31806-4-phil@nwl.cc>
On Tue, Jan 27, 2026 at 11:29:15PM +0100, Phil Sutter wrote:
> In order to translate comment matches into the single nftables rule
> comment, libxtables does not immediately (maybe mid-rule) print a
> comment match's string but instead stores it into struct
> xt_xlate::comment array for later.
>
> Since xt_stmt_xlate() is called by a statement's .print callback which
> can't communicate data back to caller, nftables has to print it right
> away.
This is a bugfix, correct?
> Since parser_bison accepts rule comments only at end of line though, the
> output from above can't be restored anymore. Which is a bad idea to
> begin with so accept this quirk and avoid refactoring the statement
> printing API.
>
> Signed-off-by: Phil Sutter <phil@nwl.cc>
> ---
> src/xt.c | 6 +++++-
> 1 file changed, 5 insertions(+), 1 deletion(-)
>
> diff --git a/src/xt.c b/src/xt.c
> index f7bee21618030..c3a8c47621cbb 100644
> --- a/src/xt.c
> +++ b/src/xt.c
> @@ -112,8 +112,12 @@ void xt_stmt_xlate(const struct stmt *stmt, struct output_ctx *octx)
> break;
> }
>
> - if (rc == 1)
> + if (rc == 1) {
> nft_print(octx, "%s", xt_xlate_get(xl));
> + if (xt_xlate_get_comment(xl))
> + nft_print(octx, "comment %s",
> + xt_xlate_get_comment(xl));
> + }
> xt_xlate_free(xl);
> free(entry);
> #endif
> --
> 2.51.0
>
next prev parent reply other threads:[~2026-02-05 1:35 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-27 22:29 [nft PATCH 0/4] Inspect and improve test suite code coverage Phil Sutter
2026-01-27 22:29 ` [nft PATCH 1/4] configure: Implement --enable-profiling option Phil Sutter
2026-02-05 1:29 ` Pablo Neira Ayuso
2026-01-27 22:29 ` [nft PATCH 2/4] tests: shell: Add a simple test for nftrace Phil Sutter
2026-01-27 22:29 ` [nft PATCH 3/4] xt: Print comment match data as well Phil Sutter
2026-02-05 1:35 ` Pablo Neira Ayuso [this message]
2026-02-05 13:29 ` Phil Sutter
2026-01-27 22:29 ` [nft PATCH 4/4] tests: shell: Add a basic test for src/xt.c Phil Sutter
2026-02-05 1:35 ` [nft PATCH 0/4] Inspect and improve test suite code coverage Pablo Neira Ayuso
2026-02-05 13:30 ` Phil Sutter
2026-02-05 15:21 ` Phil Sutter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aYPz4TwVBQm3Fb0k@chamomile \
--to=pablo@netfilter.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=phil@nwl.cc \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.