Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote: > On Wed, Jun 07, 2017 at 12:24:10PM +0200, Florian Westphal wrote: > > diff --git a/tests/py/any/ct.t b/tests/py/any/ct.t > > index 667126e656ae..1c90ec1c769d 100644 > > --- a/tests/py/any/ct.t > > +++ b/tests/py/any/ct.t > > @@ -100,11 +100,11 @@ ct original mark 42;fail > [...] > > +ct event set new or related or destroy or foobar;fail > > +ct event set 'new | related | destroy | label';ok;ct event set new | related | destroy | label > > I would replace this by the new syntax in the tests too. > > So anyone looking at test for example relies on this new one, it is > more compact and readable IMO. Good point, we still print ct event set new | related | destroy | label because we lack the OP_FLAGCMP postprocessing that relational expression does (it converts the rhs binops into list in case of OP_FLAGCMP). Flagcmp is also a bit different thing: tcp flags syn,ack is short-hand for 'tcp flags & (syn|ack) != 0' but when using 'ct event set foo,bar' its same as ct event set foo|bar. This gets ugly... I see no way to autodetect which output format we should use. I could of course stick a check for the key type into netlink_delinerize.c but thats ugly. Alterntively I could hook into ct_stmt_print and dissect there. Any idea/preference? -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
