On Thu, Jan 16, 2014 at 04:28:16PM +0000, Patrick McHardy wrote: > On Wed, Jan 15, 2014 at 09:30:21PM +0100, Pablo Neira Ayuso wrote: > > This allows us to use the protocol type keyword, eg. > > > > nft add rule ip filter output meta protocol ip6 counte > > ^^^ > > I see two problems with this patch: > > - the mapping to ETH_P_* is fixed. In case of f.i. meta nfproto relational > expression it would have to map to NFPROTO_* values. So I think we should > use symbolic expressions instead of constants and leave parsing to the > evaluation phase- Yes, that change needs to be done in next-3.14 to get it working with your new inet table. I was focusing to fix this in master for the upcoming release. > - we're still using a mix of ip6 and ipv6. Lets also fix that, ideally > as a patch before this one. > > I can take care of this if you like. Please, go ahead, I'm looking at more pending stuff I want to provide feedback on. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
