bugzilla-daemon at netfilter.org
2020-Aug-28 12:29 UTC
[Bug 1458] New: Consider allowing for variable interpolation
https://bugzilla.netfilter.org/show_bug.cgi?id=1458
Bug ID: 1458
Summary: Consider allowing for variable interpolation
Product: nftables
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
Reporter: kfm at plushkava.net
This is another feature request extracted from bug 1434 (the
"usability" bug).
Currently, variable interpolation isn't supported by the parser. The
originally
given example was as follows.
define LOG_PREFIX = "[foo] "
table inet filter {
chain input {
type filter hook input priority 0; policy drop;
counter log prefix "$LOG_PREFIX DROP"
}
}
If this is ever implemented, it might also make sense to allow for strings to
be single-quoted so as to be able to suppress expansion (just like in sh).
Otherwise, there would need to be some means of escaping the $ symbol.
Another approach could be so support a concatenation operator instead. For
instance:
counter log prefix $LOG_PREFIX + " DROP"
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20200828/d9bffe92/attachment.html>
bugzilla-daemon at netfilter.org
2020-Aug-28 12:29 UTC
[Bug 1458] Consider allowing for variable interpolation
https://bugzilla.netfilter.org/show_bug.cgi?id=1458
kfm at plushkava.net changed:
What |Removed |Added
----------------------------------------------------------------------------
See Also| |https://bugzilla.netfilter.
| |org/show_bug.cgi?id=1434
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20200828/34f8434b/attachment.html>
bugzilla-daemon at netfilter.org
2020-Aug-28 12:46 UTC
[Bug 1458] Consider allowing for variable interpolation
https://bugzilla.netfilter.org/show_bug.cgi?id=1458
Pablo Neira Ayuso <pablo at netfilter.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |ASSIGNED
--- Comment #1 from Pablo Neira Ayuso <pablo at netfilter.org> ---
(In reply to kfm from comment #0)> This is another feature request extracted from bug 1434 (the
"usability"
> bug). Currently, variable interpolation isn't supported by the parser.
The
> originally given example was as follows.
>
> define LOG_PREFIX = "[foo] "
> table inet filter {
> chain input {
> type filter hook input priority 0; policy drop;
> counter log prefix "$LOG_PREFIX DROP"
> }
> }
commit e76bb379401816bbea773e73b524cd747324760a
Author: Pablo Neira Ayuso <pablo at netfilter.org>
Date: Tue Jul 7 17:42:37 2020 +0200
src: allow for variables in the log prefix string
For example:
define test = "state"
define foo = "match"
table x {
chain y {
ct state invalid log prefix "invalid $test $foo:"
}
}
> If this is ever implemented, it might also make sense to allow for strings
> to be single-quoted so as to be able to suppress expansion (just like in
> sh). Otherwise, there would need to be some means of escaping the $ symbol.
>
> Another approach could be so support a concatenation operator instead. For
> instance:
>
> counter log prefix $LOG_PREFIX + " DROP"
For the record: These last two items are not implemented.
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20200828/dc51269e/attachment.html>
bugzilla-daemon at netfilter.org
2020-Aug-28 12:51 UTC
[Bug 1458] Consider allowing for variable interpolation
https://bugzilla.netfilter.org/show_bug.cgi?id=1458 --- Comment #2 from kfm at plushkava.net --- Very good. I should have tested on my bleeding-edge nftables host. I just realised that the sample ruleset works there. -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20200828/d3a6c422/attachment-0001.html>