On Sun, Mar 09, 2014 at 02:14:23PM +0100, Arturo Borrero Gonzalez wrote:
> On 9 March 2014 13:59, Alvaro Neira Ayuso <alvaroneay@xxxxxxxxx> wrote:
> > From: Álvaro Neira Ayuso <alvaroneay@xxxxxxxxx>
> >
> > Before this patch, the program tried to print some attribute
> > that maybe the user hasn't defined for printing. We can't
> > assume that the user want to print some attribute that we have put
> > mandatory in the rules. Example:
> >
> > Before this patch, it's mandatory have a rule with family
> > and this is the output:
> >
> > {"rule":{"family":"ip","handle":4...
> > <rule><family>ip</family><handle>4</handle>...
> >
> > Now, we can print rule without some attribute:
> >
> > {"rule":{"handle":4...
> > <rule><handle>4</handle>...
> >
> > Signed-off-by: Alvaro Neira Ayuso <alvaroneay@xxxxxxxxx>
> > ---
>
> Hi there!
>
> These attributes are no longer mandatory? What is the idea behind this?
I think we already discussed this time ago.
I'd like that the parsers don't enforce the occurrence of any
attribute, we should just let the kernel bail out if the configuration
that the user provides doesn't make sense.
This provides us more flexibility in case that we change any aspect
from the kernel side.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
