On Fri, Jul 13, 2018 at 02:43:46PM +0200, Máté Eckl wrote: > On Fri, Jul 13, 2018 at 02:38:19PM +0200, Florian Westphal wrote: > > Máté Eckl <ecklm94@xxxxxxxxx> wrote: > > > But that means that this solution cannot support bridge family at all. Or BRNF > > > stands for something that can be interpreted as filter? > > > > Currently bridge family has no special hooks, they are all 'filter'. > > So it would be fine to only support numbers in my opinion. > > > > We can revisit it later if needed. > > I looked it up in iptables and it uses NF_BR_PRI_FILTER_BRIDGED for filter > tables so it would be inapproppriate to translate 0 to filter here. > > So yes, maybe we should leave bridge family alone. What is your opinion about this Pablo? Is it okay to omit bridge tables out of this for now? To implement this for them I think we should expose NF_BR_PRI_* values to the uapi or something like that. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
