On Wed, Jun 07, 2017 at 01:07:51PM +0200, Florian Westphal wrote: > Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote: > > On Wed, Jun 07, 2017 at 12:24:10PM +0200, Florian Westphal wrote: > > > diff --git a/tests/py/any/ct.t b/tests/py/any/ct.t > > > index 667126e656ae..1c90ec1c769d 100644 > > > --- a/tests/py/any/ct.t > > > +++ b/tests/py/any/ct.t > > > @@ -100,11 +100,11 @@ ct original mark 42;fail > > [...] > > > +ct event set new or related or destroy or foobar;fail > > > +ct event set 'new | related | destroy | label';ok;ct event set new | related | destroy | label > > > > I would replace this by the new syntax in the tests too. > > > > So anyone looking at test for example relies on this new one, it is > > more compact and readable IMO. > > Good point, we still print > ct event set new | related | destroy | label > > because we lack the OP_FLAGCMP postprocessing that relational expression > does (it converts the rhs binops into list in case of OP_FLAGCMP). > > Flagcmp is also a bit different thing: > tcp flags syn,ack > is short-hand for > 'tcp flags & (syn|ack) != 0' > > but when using 'ct event set foo,bar' > its same as > ct event set foo|bar. > > This gets ugly... I see no way to autodetect which output format > we should use. > > I could of course stick a check for the key type into > netlink_delinerize.c but thats ugly. > > Alterntively I could hook into ct_stmt_print and dissect there. > > Any idea/preference? I suggest you always use the comma separated one to print this. This assymmetry is not a problem, what matters if that the internal AST representation end up being the same, which is what matters to the delete by name (if that is your primary concern with this). So it's not that we need the same syntax in both directions specifically, but the same internal representation for both. So we just need that the evaluation transform these or syntax to OP_FLAGCMP. Actually, I remember to have discussed with Laura ideas to kill OP_FLAGCMP and just convert this to binary, specifically, I need to look back at the archive, but I think the problem is to check for flaglist mismatch. Anyway, at this stage, I would suggest you just update this to print it in comma separated output. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
