On Sun, Aug 16, 2020 at 05:23:38PM -0700, Grant C wrote:
> Hello,
>
> Is there special syntax required to use a variable name instead of
> hard-coding the interface name in a declaration like the following?
>
> chain blackhole {
> type filter hook ingress device $external_interface priority -500; policy
> accept
>
> Error: syntax error, unexpected '$', expecting string or quoted string or
> string with a trailing asterisk
> type filter hook ingress device $external_interface priority -500; policy accept
>
> using the interface name directly instead of the variable works.
>
> Trying the new syntax that allows using a list, 'ingress devices = { }' also
> fails when using a variable either inside an anonymous list, or as the name
> of a named list.
>
>
> I am using nftables 9.3 from Debian Buster backports.
Support for variable from chain device (as you use above) is available
in the nftables release (or using the current git snapshot), this is a
recent enhancement.
