On Thu, Mar 26, 2020 at 12:09:20PM +0000, ѽ҉ᶬḳ℠ wrote:
> On 21/03/2020 09:53, ѽ҉ᶬḳ℠ wrote:
> > With some (soft) NETDEV being available only after NFT been invoked at
> > boot time, e.g. bridge or pppoe, NFT would fail to load at boot time
> > if such NETDEV being stipulated, e.g.
> >
> > flowtable f { hook ingress priority 0; devices = { pppoe-wan, lan0,
> > lan1, lan2, lan3, lan4, br-lan }; }
> >
> > Is there a syntax that would allow to add/alter such dynamic dev to an
> > initial stanza, e.g.
> >
> > flowtable f { hook ingress priority 0; devices = { lan0, lan1, lan2,
> > lan3, lan4 }; }
> >
> > and then adding pppoe-* and/or br-* to it? Or is there any other good
> > practice, e.g. are dynamic sets are working with flowtable device =?
>
> Other NETDEV that may not be available at the NFT start during boot
> time, or that are dynamically enabled/disabled, are WLan and VPN (tap,
> tun, wg). Whilst this can be worked around with hotplug scripts it does
> not help with altering the > devices = { } < portion in a dynamic fashion.
>
> The replace command does not seem suitable as it requires the query for
> the rule handle.
I agree than better support for dynamic devices is good to have in
place.
