On 27.03, Pablo Neira Ayuso wrote: > On Fri, Mar 27, 2015 at 01:00:37PM +0100, Arturo Borrero Gonzalez wrote: > > On 25 March 2015 at 20:44, Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote: > > > > % sudo nft add rule bridge filter FORWARD xt match 802_3 [--802_3-sap 0x01 ] > > <cmdline>:1:41-43: Error: syntax error, unexpected number > > add rule bridge filter FORWARD xt match 802_3 [--802_3-sap 0x01 ] > > ^^^ > > > > I have to admit I don't know where to look. Do you have any hint? > > I know see the problem, the scanner doesn't consider that a string can > start by a number, we have a similar problem with the expiration time. > Well, I would keep it there until we find a better solution. Please, > check if we have more extensions with this pattern. For this specifc case what might work is add a token "match [^ ]+" and return XT_MATCH as token type and the name as value. This will of course not allow to use "match" for anything else, including identifiers. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html