On Thu, Aug 03, 2023 at 09:35:24PM +0200, Thomas Haller wrote:
> Similar to the existing Nftables.{get,set}_debug() API.
>
> Only notable (internal) difference is that nft_ctx_input_set_flags()
> returns the old value already, so we don't need to call
> Nftables.get_input() first.
>
> The benefit of this API, is that it follows the existing API for debug
> flags. Also, when future flags are added it requires few changes to the
> python code.
>
> The disadvantage is that it looks different from the underlying C API,
> which is confusing when reading the C API. Also, it's a bit cumbersome
> to reset only one flag. For example:
>
> def _drop_flag_foo(flag):
> if isinstance(flag, int):
> return flag & ~FOO_NUM
> if flag == 'foo':
> return 0
> return flag
>
> ctx.set_input(_drop_flag_foo(v) for v in ctx.get_input())
Which would be easier if there were dedicated setter/getter pairs for
each flag. The code for debug flags optimizes for setting multiple flags
at once ("get me all the debugging now!"). Not a veto from my side
though, adding getter/setter pairs after the fact is still possible
without breaking anything.
Thanks, Phil
