Linux Netfilter discussions
 help / color / mirror / Atom feed
From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Grant C <grant@gc9.org>
Cc: netfilter@vger.kernel.org
Subject: Re: error using variable for network device name in 'hook ingress device $external_interface'
Date: Mon, 17 Aug 2020 11:58:39 +0200	[thread overview]
Message-ID: <20200817095839.GA5731@salvia> (raw)
In-Reply-To: <f05dedbd-3c4c-e31c-80ec-0383e7da1518@gc9.org>

On Sun, Aug 16, 2020 at 05:23:38PM -0700, Grant C wrote:
> Hello,
> 
> Is there special syntax required to use a variable name instead of
> hard-coding the interface name in a declaration like the following?
> 
> chain blackhole {
>   type filter hook ingress device $external_interface priority -500; policy
> accept
> 
> Error: syntax error, unexpected '$', expecting string or quoted string or
> string with a trailing asterisk
>                 type filter hook ingress device $external_interface priority -500; policy accept
> 
> using the interface name directly instead of the variable works.
> 
> Trying the new syntax that allows using a list, 'ingress devices = { }' also
> fails when using a variable either inside an anonymous list, or as the name
> of a named list.
> 
> 
> I am using nftables 9.3 from Debian Buster backports.

Support for variable from chain device (as you use above) is available
in the nftables release (or using the current git snapshot), this is a
recent enhancement.

  parent reply	other threads:[~2020-08-17  9:58 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-08-17  0:23 error using variable for network device name in 'hook ingress device $external_interface' Grant C
2020-08-17  9:21 ` Daniel
2020-08-17  9:58 ` Pablo Neira Ayuso [this message]
2020-08-17 10:01   ` Pablo Neira Ayuso

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200817095839.GA5731@salvia \
    --to=pablo@netfilter.org \
    --cc=grant@gc9.org \
    --cc=netfilter@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox