On Thu, Jun 21, 2018 at 01:42:14PM +0200, Pablo Neira Ayuso wrote:
> On Thu, Jun 21, 2018 at 01:01:31PM +0200, Phil Sutter wrote:
> [...]
> > On Thu, Jun 21, 2018 at 11:26:37AM +0200, Máté Eckl wrote:
> > > By the way, there's a question I haven't met yet. Prio spec is used by not only
> > > hook_spec but also flowtable_block. Are these standard priorities applicable for
> > > flowtable priorities? Or should I make it specific to chains?
>
> Only the filter priority you can apply to the flowtable_block.
>
> Note that standard priorities may depend on family, so you may need to
> do the chain_std_prio_lookup() from the evaluation phase, instead of
> doing it from the parser.
>
> Telling this only filter applies to arp, bridge and netdev families
> IIRC.
>
> Have a look and let us know
I found no evaluation for any families so I could do
nft add chain arp x y { type filter hook input priority -300;}
without any problem, which would be translated to 'raw'.
So I shouldn't have the possibility to add this priority? In this case, I think
the evaluation of the numerical value should be refined, but putting the
text->number translation into the evaluation phase does not seem approppriate to
me.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
