On Thu, Jan 16, 2014 at 05:49:37PM +0100, Pablo Neira Ayuso wrote: > On Thu, Jan 16, 2014 at 04:28:16PM +0000, Patrick McHardy wrote: > > On Wed, Jan 15, 2014 at 09:30:21PM +0100, Pablo Neira Ayuso wrote: > > > This allows us to use the protocol type keyword, eg. > > > > > > nft add rule ip filter output meta protocol ip6 counte > > > ^^^ > > > > I see two problems with this patch: > > > > - the mapping to ETH_P_* is fixed. In case of f.i. meta nfproto relational > > expression it would have to map to NFPROTO_* values. So I think we should > > use symbolic expressions instead of constants and leave parsing to the > > evaluation phase- > > Yes, that change needs to be done in next-3.14 to get it working with > your new inet table. I was focusing to fix this in master for the > upcoming release. > > > - we're still using a mix of ip6 and ipv6. Lets also fix that, ideally > > as a patch before this one. > > > > I can take care of this if you like. > > Please, go ahead, I'm looking at more pending stuff I want to provide > feedback on. Already done :) I'm simply going to take your entire patchset and integrate it with my change since they kind of depend on each other. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
