Re: [nft] the -nnn switch

On Mon, Sep 22, 2014 at 11:54:57AM +0200, Arturo Borrero Gonzalez wrote:
> On 19 September 2014 13:25, Patrick McHardy <kaber@xxxxxxxxx> wrote:
> > On Fri, Sep 19, 2014 at 11:49:02AM +0200, Arturo Borrero Gonzalez wrote:
> >> Hi,
> >>
> >> the -nnn switch in nftables is IMO a bit annoying.
> >> We are bound to use that switch in every serious usage of nft.
> >>
> >> Let me remember the current behaviour:
> >>
> >>  -n -> don't translate IP addresses to names.
> >>  -nn -> also, don't translate gids/uids to names.
> >>  -nnn -> also, don't translate port numbers to names.
> >> default -> translate all numbers to names.
> >>
> >> I propose here that before nftables goes absolutely mainstream we
> >> change the behaviour to the opposite:
> >>
> >> -n -> translate IP addresses to names.
> >> -nn -> translate gids/uids to names.
> >> -nnn -> translate port numbers to names.
> >> default -> show all numerically.
> >>
> >> What do you think?
> >
> > That seems quite counter intuitive. I'd say the default should be not
> > to cause any network traffic for a regular system (not using LDAP or
> > whatever), which would be -n. So I would be fine with -n being the
> > default and adding an option to also translate hostnames.
> 
> So, your proposal is to make the current '-n' the default? This is
> what I've understood:
> 
> · default (no -n given): show IP addresses (no DNS names), show GID
> names, port names
> · -n: show DNS names, show GID names, port names
> · -nn: show DNS names, show GID numbers, port names
> · -nnn: show DNS names, show GID numbers, port numbers
> 
> That seems pretty counter intuitive to me, actually.
> 
> With that combination of options you can't show all numerically, which
> I think should be the default in fact.

No, the -n option keeps its meaning, we default to -n and add an
option to counter it, let's say -N for this example.

No options or -n would be similar, -nn and -nnn would keep their meaning.
-N would counter the default and be like the current behaviour.

Translating local information like user and service names is very useful
in my opinion and I'd like to keep it the default.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
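The two option schemes discussed in this thread, written out as an added example (this is not nft's own option handling, just a sketch of the semantics): the "current" behaviour Arturo describes (no option translates everything, each additional -n turns one class of translation off) next to Patrick's proposal (no option behaves like -n, -nn and -nnn keep their meaning, and a hypothetical -N restores full translation). The rule that -N overrides any -n given alongside it is my assumption, as are the small lookup tables, which stand in for DNS, passwd and /etc/services so the script runs offline. The `render` helper records every lookup a formatter would perform, which makes the point of the proposal visible: with no option at all, the proposed default never consults DNS.

```python
"""Sketch of the -n / -nn / -nnn / -N semantics discussed on netfilter-devel.
Added example, not nft's code; -N and its precedence over -n are assumptions."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Resolution:
    hosts: bool     # resolve IP addresses to host names (may generate DNS traffic)
    users: bool     # resolve uids/gids to names (local passwd/group)
    services: bool  # resolve port numbers to service names (local /etc/services)


def parse_options(argv):
    """Count the n's in '-n', '-nn', '-nnn' or repeated '-n', and note a
    hypothetical '-N'. Anything else is rejected."""
    n_count = 0
    capital_n = False
    for arg in argv:
        if arg == "-N":
            capital_n = True
        elif len(arg) > 1 and arg[0] == "-" and set(arg[1:]) == {"n"}:
            n_count += len(arg) - 1
        else:
            raise ValueError(f"unknown option: {arg}")
    return n_count, capital_n


def current_resolution(argv):
    """Behaviour described as current: default translates everything,
    -n drops hosts, -nn also drops users, -nnn also drops services."""
    n_count, _ = parse_options(argv)
    return Resolution(hosts=n_count < 1, users=n_count < 2, services=n_count < 3)


def proposed_resolution(argv):
    """Patrick's proposal: no option behaves like -n, -nn and -nnn keep their
    meaning, -N restores the translate-everything behaviour.
    Assumption: -N wins over any -n given on the same command line."""
    n_count, capital_n = parse_options(argv)
    level = 0 if capital_n else max(1, n_count)
    return Resolution(hosts=level < 1, users=level < 2, services=level < 3)


# Constructed lookup tables standing in for DNS, passwd and /etc/services.
HOSTS = {"192.0.2.10": "web.example.test"}
USERS = {1000: "alice"}
SERVICES = {22: "ssh", 443: "https"}


def render(rule, res, lookups):
    """Format one rule under the given Resolution. Every lookup the chosen
    policy would perform is appended to `lookups` as (kind, key)."""
    def fmt(table, kind, key, enabled):
        if not enabled:
            return str(key)
        lookups.append((kind, key))
        return table.get(key, str(key))

    return " ".join([
        "ip saddr", fmt(HOSTS, "dns", rule["saddr"], res.hosts),
        "meta skuid", fmt(USERS, "passwd", rule["uid"], res.users),
        "tcp dport", fmt(SERVICES, "services", rule["dport"], res.services),
        "accept",
    ])


if __name__ == "__main__":
    rule = {"saddr": "192.0.2.10", "uid": 1000, "dport": 22}
    for argv in ([], ["-n"], ["-nn"], ["-nnn"], ["-N"]):
        lookups = []
        text = render(rule, proposed_resolution(argv), lookups)
        print(f"{' '.join(argv) or '(none)':8} {text}  lookups={lookups}")
```

Running the script prints the same rule under each option set of the proposed scheme; only the `-N` line performs a `dns` lookup, while user and service names are still translated by default, which is the compromise Patrick describes.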