Phil Sutter <phil@xxxxxx> wrote:
> > Another alternative is to deprecate implicit rule add altogether
> > so users would have to move to 'nft add rule ...'.
>
> Isn't this required for nested syntax? I didn't check, but does your
> arbitrary table/chain name support work also when restoring a ruleset in
> that nested syntax?
Whats 'nested syntax'?
You mean "table bla { chain foo {"?
> Another interesting aspect might be arbitrary set
> names - 'set' is also a valid keyword used in rules, this fact killed my
> approach with start conditions. ;)
Right, arbitrary set names are needed as well, I forgot about them.
It should be possible by using two "set" rules in flex.
One in the INITIAL scope (to handle set bla {), and one in
'rule' or 'expression scope'.
The former would switch to an exclusive start condition (expect
STRING, close condition on '{', just like CHAIN is handled here.
The latter would not change state and just return SET token.
