[Bug 1299] add set - syntax has changed - update documentation

bugzilla-daemon at netfilter.org
Fri Nov 16 20:45:48 CET 2018


https://bugzilla.netfilter.org/show_bug.cgi?id=1299

--- Comment #3 from Florian Westphal <fw at strlen.de> ---
(In reply to James Feeney from comment #2)
> I'm confused.  "filter" is just an arbitrary, but commonly used, table name,
> where the nft man page shows, in effect:
> 
> add set <address_family> <arbitrary_table_name> <arbitrary_set_name> { ... }
> 
> The table named "filter" can be seen to already exist from the result of
> "nft list tables".

No.
table inet filter  // inet family
table ip nat       // ip family
table ip private   // ip family

So, there is no table named "filter" in the ip family, only in the inet family.

$ nft add set filter foreign \{ type ipv4_addr \; \}

... tells nft to add a new set named foreign to a table named "filter" in the
ip family, but there is no such table.

'table ip filter' would make this work, albeit it's probably not what was
intended. Using 'nft add set inet filter ..' tells nft to add a set to a table
named "filter" in the "inet" family, which does exist.

> Or, do you mean to suggest that the table names are not arbitrary, and that
> nft has defined, but not documented, some limited set of allowed table names?

No undocumented magic, they are just names/identifiers.

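The family resolution described in the comment above, as an added example that is not part of the original mail or of nftables itself. It assumes a table list in the `table <family> <name>` form shown in the comment; the helper names `resolve_target` and `check_target` and the embedded sample list are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample: the table list quoted in the comment.
TABLES='table inet filter
table ip nat
table ip private'

# resolve_target WORDS...   (the words that follow "nft add set")
# Prints "<family> <table>" as nft reads them: a leading family keyword
# is taken as the family, otherwise the family defaults to "ip".
resolve_target() {
    case "$1" in
        ip|ip6|inet|arp|bridge|netdev) printf '%s %s\n' "$1" "$2" ;;
        *) printf 'ip %s\n' "$1" ;;
    esac
}

# check_target TABLE_LIST WORDS...
# Returns 0 if the resolved family/table pair is in TABLE_LIST. Otherwise
# reports which families do hold a table of that name and returns 1.
check_target() {
    list=$1; shift
    set -- $(resolve_target "$@")
    family=$1; table=$2
    if printf '%s\n' "$list" | grep -qxF "table $family $table"; then
        echo "ok: table $family $table exists"
        return 0
    fi
    others=$(printf '%s\n' "$list" |
        awk -v t="$table" '$1 == "table" && $3 == t { printf "%s%s", sep, $2; sep = "," }')
    echo "missing: table $family $table (name exists in family: ${others:-none})"
    return 1
}

# The failing command from the bug report, then the corrected form.
check_target "$TABLES" filter foreign || true
check_target "$TABLES" inet filter foreign
```

On a live system the first argument can be the output of `nft list tables` instead of the embedded sample.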