Re: [PATCH libnftables] Add support for ct set

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, Jan 10, 2014 at 01:58:01PM +0000, Patrick McHardy wrote:
> On Fri, Jan 10, 2014 at 02:54:35PM +0100, Pablo Neira Ayuso wrote:
> > On Fri, Jan 10, 2014 at 01:43:43PM +0000, Patrick McHardy wrote:
> > > On Fri, Jan 10, 2014 at 02:33:06PM +0100, Kristian Evensen wrote:
> > > > Hi,
> > > > 
> > > > On Fri, Jan 10, 2014 at 2:27 PM, Patrick McHardy <kaber@xxxxxxxxx> wrote:
> > > > > No, I'm refering to the (ab)use of the expression. Anything not returning
> > > > > data is not an expression but a statement.
> > > > 
> > > > Ok, then I follow :) I followed the naming in meta, but I agree. What
> > > > would be a good naming convetion? I thought of something like
> > > > nft_expr_stmt_*. It is a bit clumsy, but it is at least clear that the
> > > > struct can be used to represent both an expression and a statement.
> > > 
> > > nft_ct_stmt? This is what we use in nftables f.i. in case of meta.
> > 
> > Perhaps nft_ct_instr? So we can identify this as the nftables
> > instruction-set.
> 
> Well, expressions also belong to the instruction set. A statement is
> is one (more specific) case of an instruction, as are expressions.
> Why introduce new terminology that isn't used anywhere else so far
> if statement is the exact description of what this is and is already
> used by nftables.

So are you proposing to add a new object for statements in
libnftables? That will require a new infrastructure which would be
very similar to what we have in the current expressions.

To that extend, that would also require a new infrastructure in the
kernel so we also have statements there. I think one of the good
things of the nf_tables kernel side is that we didn't make any
distinction between matches/targets (or call it
expressions/statements).
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux