[Bug 1299] add set - syntax has changed - update documentation

bugzilla-daemon at netfilter.org bugzilla-daemon at netfilter.org
Sat Nov 17 12:32:33 CET 2018


https://bugzilla.netfilter.org/show_bug.cgi?id=1299

--- Comment #5 from James Feeney <james at nurealm.net> ---
BTW, from the man page, "If an identifier is specified without an address
family, the ip family is used by default."

It seems that I did not appreciate the importance of this, where, then, every
reference to "<address_family> <arbitrary_table_name> <arbitrary_set_name>" is
implicitly "ip <arbitrary_table_name> <arbitrary_set_name>" when the address
family is not stated explicitly.

The implicit address family "ip" doesn't seem important without first
understanding and appreciating that the table names are unique to each address
family.  Again, please please give additional emphasis to this point in the
documentation.

> I would very much like to enforce family, but it might break existing scripts.

You understand that I *literally* did not understand what you were talking
about when you first said "This is short for 'nft add set ip filter'", even
though the meaning is obvious in retrospect, yes?

I, then, want to encourage everyone to move to enforcing the use of address
family in the nft commands, and, yes, break those scripts.  Now is a good time
to fix nft scripts, while so many people are still using iptables.

Thanks for helping me to clarify these issues.

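Added example (not part of the bug report or of nftables itself): a small shell lint that lists nft commands relying on the implicit "ip" family discussed in the comment above. The function names, the sample lines and the set name "blackhole" are constructed for illustration, and only commands with an explicit verb are checked.

```shell
#!/bin/sh
# Added example: list nft commands that rely on the implicit "ip" family.
# Limitation (assumption): only commands with an explicit verb are checked.
nft_missing_family() {
    awk '
    BEGIN {
        split("ip ip6 inet arp bridge netdev", f, " ")
        for (i in f) family[f[i]] = 1
        split("add create delete flush list insert replace rename", v, " ")
        for (i in v) verb[v[i]] = 1
        split("table chain set map rule element", o, " ")
        for (i in o) object[o[i]] = 1
    }
    /^[ \t]*(#|$)/ { next }              # skip comments and blank lines
    {
        n = ($1 == "nft") ? 2 : 1        # "nft" prefix is absent in -f files
        if (!($n in verb) || !($(n + 1) in object)) next
        fam = $(n + 2)                   # token where the family belongs
        if (fam != "" && !(fam in family)) print NR ": " $0
    }'
}

# Constructed sample script (hypothetical table, chain and set names).
sample_script() {
    cat <<'EOF'
# populate a blocklist
nft add table inet filter
nft add set filter blackhole { type ipv4_addr\; }
add set ip filter blackhole { type ipv4_addr; }
nft add rule filter input ip saddr @blackhole drop
nft list ruleset
EOF
}

sample_script | nft_missing_family
```

The two reported lines (3 and 5) refer to the table "ip filter", not to the "inet filter" table created on line 2, because table names are unique to each address family.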