Hi Pablo,
Nice extension. I just have small comments how we could improve the
command line:
This patch allows you to specify the type of the base chain, eg.
add table mangle
add chain mangle OUTPUT { type route hook NF_INET_LOCAL_OUT 0; }
Instead of NF_INET_LOCAL_OUT could we get OUT? (not literally ;) )
IN, OUT, PRE-ROUTING, FORWARD, POST-ROUTING etc...
And depending on chain's family, nft would use the right value there
(IN: is NF_INET_LOCAL_IN for ipv4, NF_ARP_IN for arp, etc...)
It would also make command line easier and more readable.
One more debatable:
What about adding prio keyword? So it would be { type <string> hook
<string> prio <num> }
Or keeping both possibility <num> or prio <num>?
I can prepare a patch if you want,
Cheers,
Tomasz
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
