On Wed, 16 Jan 2019 20:39:13 +0100 Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote:
> On Wed, Jan 16, 2019 at 08:29:12PM +0100, Florian Westphal wrote:
> > Mikhail Morfikov <mmorfikov@xxxxxxxxx> wrote:
> > > # nft -f rules.nft
> > > rules.nft:21:1-26: Error: Could not process rule: No such file or directory
> > > delete table ip testtable
> > > ^^^^^^^^^^^^^^^^^^^^^^^^^^
> > >
> > > I have a question. Basically, when you create a table or a chain
> > > you can use "add" or "create", and only the second option will
> > > return an error if the table/chain you wanted to create already
> > > exists. But in the case of deleting tables/chains, which don't
> > > exist, there's only one option -- return an error.
> >
> > Good point.
> >
> > Pablo, do you think we should NOT abort/error in case of -ENOENT
> > on table delete?
>
> We can find a way to introduce this new semantics, eg. "destroy table"
> vs. "delete table", where destroy ignores ENOENT, but we'll need to
> explore how to express this in netlink, because so far it is not
> possible IIRC.

Or borrow an existing semantic from rm, if possible: 'delete -f table ...' or maybe 'delete-f table ...'