On Wed, Mar 20, 2024 at 06:17:18PM +0100, Pablo Neira Ayuso wrote: > On Wed, Mar 20, 2024 at 03:58:06PM +0100, Phil Sutter wrote: > > The most common use case is ORing flags like > > > > | syn | ack | rst > > > > but nft seems to be fine with less intuitive stuff like > > > > | meta mark set ip dscp << 2 << 3 > > This is equivalent to: > > meta mark set ip dscp << 5 > > userspace is lacking the code to simplify this, just like it does for: > > meta mark set ip dscp | 0x8 | 0xf0 > > results in: > > meta mark set ip dscp | 0xf8 You're right, of course. Simplifying the input is a different task though, I merely made sure that JSON input/output matches what regular syntax supports as well. Input optimization should happen in eval phase (or so) anyway and thus independent of where input was parsed from. Cheers, Phil
