On Mon, Jul 22, 2019 at 02:56:33PM +0200, Florian Westphal wrote: > Phil Sutter <phil@xxxxxx> wrote: > > On Mon, Jul 22, 2019 at 02:17:47PM +0200, Florian Westphal wrote: > > > Phil Sutter <phil@xxxxxx> wrote: > > > > use for "no data available" situations. This whole attempt feels a bit > > > > futile. Maybe we should introduce something to signal "no value" so that > > > > cmp expression will never match for '==' and always for '!='? Not sure > > > > how to realize this via registers. Also undecided about '<' and '>' ops. > > > > > > Whats the point? > > > > IIRC, Pablo's demand for not aborting in nft_meta in case of > > insufficient data was to insert a value into dreg which will never > > match. I think the idea was to avoid accidental matching in situations > > where a match doesn't make sense. > > I think the only contraint is that it must not overlap with a > legitimate ifindex. > > But 0 cannot occur, so 'meta iif 0' will only match in case no input > interface existed -- I think thats fine and might even be desired. OK, so we just drop my patch to reject ifindex 0 from userspace to keep fib working? [...] > I would propose to go with '0' dreg for ifindex, "" for name and leave > rest as-is. My kernel patch also changes iftype to set ARPHRD_VOID and ifkind to set an empty string as well. For iftype, I also sent a userspace patch to disallow ARPHRD_VOID. Do you think it should be dropped as well? Thanks, Phil
