Han, On Tue, Jan 02, 2024 at 10:24:14PM +0100, Han Boetes wrote: > Don't worry, I'm used to people not actually reading what I write. I did read what you wrote. In nft nomenclature though, ranges and prefixes itself are individual elements of an interval set. They are not expanded internally to individual elements but merely converted to ranges of min and max value. You quoted two elements in a row separated by comma which is standard formatting for 'nft list ruleset' output to avoid exceedingly large lines. You're complaint about "clumsy" format for scripting might have been about the two elements per row formatting. > I already wrote some working, albeit ugly, code that converts ranges > and CIDR to individual IP-addresses. But I think if nft would have the > option to simply produce the individual addresses belonging to the > set/table, it would make the whole script a lot simpler and more > logical. Prepare a patch and put me in Cc, I promise to review it. Thanks, Phil
