bugzilla-daemon at netfilter.org
2020-Aug-28 12:29 UTC
[Bug 1458] New: Consider allowing for variable interpolation
https://bugzilla.netfilter.org/show_bug.cgi?id=1458 Bug ID: 1458 Summary: Consider allowing for variable interpolation Product: nftables Version: unspecified Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: nft Assignee: pablo at netfilter.org Reporter: kfm at plushkava.net This is another feature request extracted from bug 1434 (the "usability" bug). Currently, variable interpolation isn't supported by the parser. The originally given example was as follows. define LOG_PREFIX = "[foo] " table inet filter { chain input { type filter hook input priority 0; policy drop; counter log prefix "$LOG_PREFIX DROP" } } If this is ever implemented, it might also make sense to allow for strings to be single-quoted so as to be able to suppress expansion (just like in sh). Otherwise, there would need to be some means of escaping the $ symbol. Another approach could be so support a concatenation operator instead. For instance: counter log prefix $LOG_PREFIX + " DROP" -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20200828/d9bffe92/attachment.html>
bugzilla-daemon at netfilter.org
2020-Aug-28 12:29 UTC
[Bug 1458] Consider allowing for variable interpolation
https://bugzilla.netfilter.org/show_bug.cgi?id=1458 kfm at plushkava.net changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugzilla.netfilter. | |org/show_bug.cgi?id=1434 -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20200828/34f8434b/attachment.html>
bugzilla-daemon at netfilter.org
2020-Aug-28 12:46 UTC
[Bug 1458] Consider allowing for variable interpolation
https://bugzilla.netfilter.org/show_bug.cgi?id=1458 Pablo Neira Ayuso <pablo at netfilter.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED --- Comment #1 from Pablo Neira Ayuso <pablo at netfilter.org> --- (In reply to kfm from comment #0)> This is another feature request extracted from bug 1434 (the "usability" > bug). Currently, variable interpolation isn't supported by the parser. The > originally given example was as follows. > > define LOG_PREFIX = "[foo] " > table inet filter { > chain input { > type filter hook input priority 0; policy drop; > counter log prefix "$LOG_PREFIX DROP" > } > }commit e76bb379401816bbea773e73b524cd747324760a Author: Pablo Neira Ayuso <pablo at netfilter.org> Date: Tue Jul 7 17:42:37 2020 +0200 src: allow for variables in the log prefix string For example: define test = "state" define foo = "match" table x { chain y { ct state invalid log prefix "invalid $test $foo:" } }> If this is ever implemented, it might also make sense to allow for strings > to be single-quoted so as to be able to suppress expansion (just like in > sh). Otherwise, there would need to be some means of escaping the $ symbol. > > Another approach could be so support a concatenation operator instead. For > instance: > > counter log prefix $LOG_PREFIX + " DROP"For the record: These last two items are not implemented. -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20200828/dc51269e/attachment.html>
bugzilla-daemon at netfilter.org
2020-Aug-28 12:51 UTC
[Bug 1458] Consider allowing for variable interpolation
https://bugzilla.netfilter.org/show_bug.cgi?id=1458 --- Comment #2 from kfm at plushkava.net --- Very good. I should have tested on my bleeding-edge nftables host. I just realised that the sample ruleset works there. -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20200828/d3a6c422/attachment-0001.html>