> "list ruleset" at the bottom of an nft script is completely accurate. The > command "nft list ruleset" discards portions of rules that are implicit, in the > interests of brevity. > > Of note is the fact that the 'ct state' line does not contain both > > states. > It does show it. There are 2 bits set in 0x6. Perhaps it is an oversight that > the code path does not interpret them. Point taken. I guess it's just because the output of 'nft list ruleset' seems more "human readable" to me than "list ruleset" at the bottom, and I'd rather use the former output as a base for diffs. Thanks, -Martin
