On 19 September 2014 13:25, Patrick McHardy <kaber@xxxxxxxxx> wrote:
> On Fri, Sep 19, 2014 at 11:49:02AM +0200, Arturo Borrero Gonzalez wrote:
>> Hi,
>>
>> the -nnn switch in nftables is IMO a bit annoying.
>> We are bounded to use that switch in every serious usage of nft.
>>
>> Let me remember the current behaviour:
>>
>> -n -> don't translate IP addresses to names.
>> -nn -> also, don't translate gids/uids to names.
>> -nnn -> also, don't translate port numbers to names.
>> default -> translate all numbers to names.
>>
>> I propose here that before nftables goes absolutely mainstream we
>> change the behaviour to the opposite:
>>
>> -n -> translate IP addresses to names.
>> -nn -> translate gids/uids to names.
>> -nnn -> translate port numbers to names.
>> default -> show all numerically.
>>
>> What do you think?
>
> That seems quite counter intuitive. I'd say the default should be not
> to cause any network traffic for a regular system (not using LDAP or
> whatever), which would be -n. So I would be fine with -n being the
> default and adding an option to also translate hostnames.

So, your proposal is to make the current '-n' the default?

This is what I've understood:

· default (no -n given): show IP addresses (no DNS names), show GID names, port names
· -n: show DNS names, show GID names, port names
· -nn: show DNS names, show GID numbers, port names
· -nnn: show DNS names, show GID numbers, port numbers

That seems pretty counter intuitive to me, actually. With that
combination of options you can't show all numerically, which I think
should be the default in fact.

--
Arturo Borrero González