[Bug 1175] New: Document limitations on identifier names

bugzilla-daemon at netfilter.org bugzilla-daemon at netfilter.org
Wed Aug 23 19:40:05 CEST 2017 

https://bugzilla.netfilter.org/show_bug.cgi?id=1175

            Bug ID: 1175
           Summary: Document limitations on identifier names
           Product: nftables
           Version: unspecified
          Hardware: All
                OS: All
            Status: NEW
          Severity: major
          Priority: P5
         Component: nft
          Assignee: pablo at netfilter.org
          Reporter: netfilter at allycomm.com

I understand that some of the functionality within nftables requires
identifiers to be available within kernel structures and that there needs to be
a "reasonable" limit on the lengths of those identifiers.

Unfortunately, these limits are not only poorly documented, but also result in
"meaningless" error messages, such as

nftables.conf:3:1-14: Error: Could not process rule: No such file or directory
flush ruleset
^^^^^^^^^^^^^^

(Error messaging to be the subject of another issue)

In searching the "official" documentation, there is little to describe the
limits on length.

===
<https://wiki.nftables.org/wiki-nftables/index.php/Configuring_tables>

(nothing)

===
<https://wiki.nftables.org/wiki-nftables/index.php/Configuring_chains>

(nothing)

===
<https://wiki.nftables.org/wiki-nftables/index.php/Scripting>

(define syntax described here -- nothing)

===
<https://wiki.nftables.org/wiki-nftables/index.php/Sets>

"Current maximum name length is 16 characters."

(assumed to apply to sets and not necessarily other identifiers, especially
given the man page description of "identifiers")

===
<https://wiki.nftables.org/wiki-nftables/index.php/Quick_reference-nftables_in_10_minutes>

(nothing)

===
<http://www.netfilter.org/projects/nftables/manpage.html>

Under LEXICAL CONVENTIONS

Identifiers begin with an alphabetic character (a-z,A-Z), followed zero or more
alphanumeric characters (a-z,A-Z,0-9) and the characters slash (/), backslash
(\), underscore (_) and dot (.). Identifiers using different characters or
clashing with a keyword need to be enclosed in double quotes (").

Under SYMBOLIC VARIABLES

(nothing)

Under TABLES, CHAINS

(nothing)

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20170823/00b575d9/attachment.html>

More information about the netfilter-buglog mailing list