Hi Arturo,
All expression have a short, one-word based name, which is nice.
Yes, any suggestion?
Always the tricky part ^^ (complaining about is easy...).
But we might avoid that:
Anyway, doesn't it work already: if you create an immediate expression (to
load the value you want, at default dreg 0 aka NFT_REG_VERDICT) and a meta
expression without the NFTA_META_DREG set? (didn't try myself)
I commented the immediate load with Pablo. He suggested the value to
be fetched from the metatarget directly.
Ok I see it optimize things, then below:
If not maybe there is a shorter way to fix this, instead of creating a full
new expression. Looks like it was the original plan.
You mean the original plan was to avoid creating a new expression?
In that case, I will have to revisit this, as I wasn't considering
this approach.
Thus, why not adding an attribute to the meta expression. Like:
NFTA_META_SVAL? (Of course NFTA_META_DREG and this new attribute are
mutually exclusive)
I guess then you only need to adapt struct nft_policy in
nft_meta_target.c to handle it, and adding value element in its nft_meta
struct, and there you are.
Less code and API change.
Tomasz
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
