On Fri, Jul 19, 2013 at 04:31:27PM +0200, Eric Leblond wrote: [...] > > While fixing it using the 'before' and 'after', I noticed that 'add' > > and 'insert' already tell us where to put the new rule, so 'after' and > > 'before' were repeating again what we want to do. I have reworked this > > patch to change this initial syntax: > > > > nft add rule filter output position 5 ip daddr 1.2.3.1 drop > > nft insert rule filter output position 5 ip daddr 1.2.3.1 drop > > > > We can support the after and before, but that would imply some extra > > evaluation after the parsing that would make the patch bigger. So I > > prefered to go the simpler solution. > > I agree with the following modification. I did not find better than this > so, it is ok for me :) > > Patch tested. It works well. I have applied this patch, thanks for testing. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
