On Thu, Sep 21, 2017 at 08:52:56AM +0200, Arturo Borrero Gonzalez wrote: > On 20 September 2017 at 12:14, Shyam Saini <mayhs11saini@xxxxxxxxx> wrote: > > This new operation allows to import ruleset in json to make > > incremental changes using the parse functions of libnftnl. > > > > A basic way to test this new functionality is: > > > > % cat file.json | nft import json > > > > where the file.json is a ruleset exported in json format. > > > > Highly based on work from Alvaro Neira <alvaroneay@xxxxxxxxx> > > and Arturo Borrero <arturo@xxxxxxxxxxxxx> > > > > Acked-by: Arturo Borrero Gonzalez <arturo@xxxxxxxxxxxxx> > > Signed-off-by: Shyam Saini <mayhs11saini@xxxxxxxxx> > > --- > > V4: > > Fix coding style issues > > Avoid nested function calls (As Suggested by Arturo ) > > LGTM > > Thanks Shyam! > > Just tested this patch, along with the one adding the testcase. > All seems fine. > > @Pablo, please, review and apply. My only concern with this is that we'll end up having a json representation in high-level format. So I wonder if it would be good to make a distinction between the low-level VM (Virtual-Machine) json representation and the high-level one. What I'm proposing is that we just add a command like this: nft add export vm json So the vm keyword specifies that we want a VM representation. So we leave room for Eric Leblond's high level json representation. I would turn 'nft export json' into no-op now, and we document this change in the 0.8 release, since we aren't yet on 1.0, we still have a bit of room to make these changes... Fine with this? -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
