On Wednesday 2016-06-22 18:14, Florian Westphal wrote:
>Laura Garcia Liebana <nevola@xxxxxxxxx> wrote:
>> Add support for inverted state and status bitwise value list required in the
>> ct match.
>>
>> Before this patch, nft didn't support the rule:
>>
>> $ nft add rule ip filter INPUT ct state != new,related counter accept
>> <cmdline>:1:41-41: Error: syntax error, unexpected comma, expecting end of file or newline or semicolon
>> add rule ip filter INPUT ct state != new,related counter accept
> ^
>I don't like nft foo,bar syntax since
>
>'state new,related' looks a lot like 'state { new, related }' but its not the same...
What is the difference? More specifically, why is there a difference?
That appears to be a bad pitfall for users. (And as such, choosing
different symbols like the pipe symbol does not cure the issue of
confusion.)
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
