On Tue, 2023-08-08 at 16:04 +0200, Phil Sutter wrote:
> On Thu, Aug 03, 2023 at 09:35:24PM +0200, Thomas Haller wrote:
> > Similar to the existing Nftables.{get,set}_debug() API.
> >
> > Only notable (internal) difference is that
> > nft_ctx_input_set_flags()
> > returns the old value already, so we don't need to call
> > Nftables.get_input() first.
> >
> > The benefit of this API, is that it follows the existing API for
> > debug
> > flags. Also, when future flags are added it requires few changes to
> > the
> > python code.
> >
> > The disadvantage is that it looks different from the underlying C
> > API,
> > which is confusing when reading the C API. Also, it's a bit
> > cumbersome
> > to reset only one flag. For example:
> >
> > def _drop_flag_foo(flag):
> > if isinstance(flag, int):
> > return flag & ~FOO_NUM
> > if flag == 'foo':
> > return 0
> > return flag
> >
> > ctx.set_input(_drop_flag_foo(v) for v in ctx.get_input())
>
> Which would be easier if there were dedicated setter/getter pairs for
> each flag. The code for debug flags optimizes for setting multiple
> flags
> at once ("get me all the debugging now!"). Not a veto from my side
> though, adding getter/setter pairs after the fact is still possible
> without breaking anything.
Or
ctx.set_input(ctx.get_input(numeric=True) & ~FOO_NUM)
Thomas
