Re: [PATCH nft 6/6] src: allow arbitrary chain name in implicit rule add case

On Thu, Mar 18, 2021 at 01:37:24PM +0100, Florian Westphal wrote:
> Phil Sutter <phil@xxxxxx> wrote:
> > > Another alternative is to deprecate implicit rule add altogether
> > > so users would have to move to 'nft add rule ...'.
> > 
> > Isn't this required for nested syntax? I didn't check, but does your
> > arbitrary table/chain name support work also when restoring a ruleset in
> > that nested syntax?
> 
> What's 'nested syntax'?
> 
> You mean "table bla { chain foo {"?

Yes, exactly.

> > Another interesting aspect might be arbitrary set
> > names - 'set' is also a valid keyword used in rules, this fact killed my
> > approach with start conditions. ;)
> 
> Right, arbitrary set names are needed as well, I forgot about them.
> 
> It should be possible by using two "set" rules in flex.
> 
> One in the INITIAL scope (to handle set bla {), and one in
> 'rule' or 'expression scope'.
> 
> The former would switch to an exclusive start condition (expect
> STRING, close condition on '{'), just like CHAIN is handled here.
> 
> The latter would not change state and just return SET token.

Yes, that might work.

Thanks, Phil
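
The two-rule idea discussed in this thread, modelled as a small Python tokenizer. This is an added illustration, not code from nftables or from either poster. The real scanner is written in flex; the state names, keyword subset and sample ruleset here are constructed assumptions.

```python
import re

# Constructed keyword subset; the real nft scanner knows many more.
KEYWORDS = {"table", "chain", "set", "meta", "mark"}
OPENERS = ("table", "chain", "set")      # keywords followed by an arbitrary name
TOKEN_RE = re.compile(r"[{}]|\w+")

def tokenize(text):
    """Return (type, text) pairs, using a stack of start conditions."""
    stack = ["INITIAL"]      # plays the role of flex's start-condition stack
    pending = "INITIAL"      # scope to enter once the NAME state sees '{'
    out = []
    for word in TOKEN_RE.findall(text):
        state = stack[-1]
        if state == "NAME":
            # Exclusive state: keyword rules are inactive, so any word is
            # a STRING. The condition closes on '{'.
            if word == "{":
                stack[-1] = pending
                out.append(("{", word))
            else:
                out.append(("STRING", word))
        elif word == "{":
            stack.append(state)
            out.append(("{", word))
        elif word == "}":
            if len(stack) > 1:           # tolerate unbalanced input
                stack.pop()
            out.append(("}", word))
        elif state == "INITIAL" and word in OPENERS:
            # First "set" rule: in INITIAL scope, switch to the NAME state.
            pending = "RULE" if word == "chain" else "INITIAL"
            stack.append("NAME")
            out.append((word.upper(), word))
        elif word in KEYWORDS:
            # Second "set" rule: in rule scope, return SET, no state change.
            out.append((word.upper(), word))
        else:
            out.append(("STRING", word))
    return out

# Constructed ruleset in the nested syntax, with a set named "set" and a
# chain named "chain".
SAMPLE = "table t { set set { } chain chain { meta mark set 1 } }"

if __name__ == "__main__":
    for tok in tokenize(SAMPLE):
        print(tok)
```
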


