On Mon, Aug 17, 2020 at 11:58:39AM +0200, Pablo Neira Ayuso wrote:
> On Sun, Aug 16, 2020 at 05:23:38PM -0700, Grant C wrote:
> > Hello,
> >
> > Is there special syntax required to use a variable name instead of
> > hard-coding the interface name in a declaration like the following?
> >
> > chain blackhole {
> > type filter hook ingress device $external_interface priority -500; policy
> > accept
> >
> > Error: syntax error, unexpected '$', expecting string or quoted string or
> > string with a trailing asterisk
> > type filter hook ingress device $external_interface priority -500; policy accept
> >
> > using the interface name directly instead of the variable works.
> >
> > Trying the new syntax that allows using a list, 'ingress devices = { }' also
> > fails when using a variable either inside an anonymous list, or as the name
> > of a named list.
> >
> >
> > I am using nftables 9.3 from Debian Buster backports.
>
> Support for variable from chain device (as you use above) is available
> in the nftables release (or using the current git snapshot), this is a
> recent enhancement.
... in the _next_ nftables release
