All of
 help / color / mirror / Atom feed
From: Pablo Neira Ayuso <>
To: Arturo Borrero Gonzalez <>
Cc: Phil Sutter <>,,
Subject: Re: [PATCH nftables 2/2] src: add set element catch-all support
Date: Tue, 11 May 2021 12:42:49 +0200	[thread overview]
Message-ID: <20210511104249.GA18952@salvia> (raw)
In-Reply-To: <>


I'll reply to both of you here. Cc'ing Florian.

On Tue, May 11, 2021 at 10:50:05AM +0200, Arturo Borrero Gonzalez wrote:
> On 5/11/21 10:24 AM, Phil Sutter wrote:
> > Hi Pablo,
> > 
> > On Mon, May 10, 2021 at 06:53:21PM +0200, Pablo Neira Ayuso wrote:
> > > Add a catchall expression (EXPR_SET_ELEM_CATCHALL).
> > > 
> > > Use the underscore (_) to represent the catch-all set element, e.g.
> > 
> > Why did you choose this over asterisk? We have the latter as wildcard
> > symbol already (although a bit limited), so I think it would be more
> > intuitive than underscore.

I looked at several programming languages, one of them is using it (a
very trendy one...), so I thought we have to use it / place it at the
deep core of Netfilter for this reason, even if it absolutely makes no

Actually, the real reason is that I was trying to reduce interactions
with bash, which most distros tend to use.

> Moreover,
> instead of a symbol, perhaps an explicit word (string, like "default") may
> contribute to a more understandable syntax.

I also considered "default" to reduce interactions with bash, problem is
that it's likely to be a valid input value as a key, for example, there
are a few keys in /etc/iproute2/rt_* files that use default, and that
will clash with it.

So I'm more inclined to Phil's proposal to use asterisk, even if it
needs to be escaped in bash, I'll send a v2.

  reply	other threads:[~2021-05-11 10:42 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-05-10 16:53 [PATCH nftables 1/2] parser_bison: add set_elem_key_expr rule Pablo Neira Ayuso
2021-05-10 16:53 ` [PATCH nftables 2/2] src: add set element catch-all support Pablo Neira Ayuso
2021-05-11  8:24   ` Phil Sutter
2021-05-11  8:50     ` Arturo Borrero Gonzalez
2021-05-11 10:42       ` Pablo Neira Ayuso [this message]
2021-05-11 13:20         ` Phil Sutter
2021-05-10 16:53 Pablo Neira Ayuso

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210511104249.GA18952@salvia \ \ \ \ \ \
    --subject='Re: [PATCH nftables 2/2] src: add set element catch-all support' \

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.