Being able to set (and preferably modify at runtime) a default value to
be returned/evaluated/executed for the various search-and-do lists
(sets) would be extremely helpful.
You can kind of fake it with a verdict set of goto(s) and a subsequent
unconditional goto but that's branchtastically elaborate.
So the existence of a possible default would be value-attached flag
(just like timeout is a flag with a value).
I don't have the familiarity with the whole stack (nft, library, and
kernel state machine) necessary to offer a patch at this time since it
would take a nudge of all three to be able to test it all.
-- Rob White.
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
