Special meaning of asterisk in interface names wasn't described anywhere. Signed-off-by: Phil Sutter <phil@xxxxxx> --- Changes since v1: - Generalize sentence about escaping for literal asterisk character. --- doc/primary-expression.txt | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/primary-expression.txt b/doc/primary-expression.txt index 94eccc20241a2..b5488790360dc 100644 --- a/doc/primary-expression.txt +++ b/doc/primary-expression.txt @@ -36,6 +36,13 @@ add such a rule, it will stop matching if the interface gets renamed and it will match again in case interface gets deleted and later a new interface with the same name is created. +Like with iptables, wildcard matching on interface name prefixes is available for +*iifname* and *oifname* matches by appending an asterisk (*) character. Note +however that unlike iptables, nftables does not accept interface names +consisting of the wildcard character only - users are supposed to just skip +those always matching expressions. In order to match on literal asterisk +character, one may escape it using backslash (\). + .Meta expression types [options="header"] |================== -- 2.24.1
