Re: Unable to create a chain called "trace"

Hi,

On Mon, Feb 08, 2021 at 04:49:15PM +0100, Florian Westphal wrote:
> Martin Gignac <martin.gignac@xxxxxxxxx> wrote:
> 
> [ cc devel ]
> 
> > Out of curiosity, is there a reason why calling a chain "trace"
> > results in an error?
> > 
> > This configuration:
> > 
> >   chain trace {
> >     type filter hook prerouting priority -301;
> >     ip daddr 24.153.88.9 ip protocol icmp meta nftrace set 1
> >   }
> > 
> > Results in the following error when I try loading the ruleset:
> > 
> >   /etc/firewall/rules.nft:40:9-13: Error: syntax error, unexpected
> > trace, expecting string
> >   chain trace {
> >         ^^^^^
> 
> grammar bug.
> 
> Pablo, Phil, others, can you remind me why we never did:

Because this would be followed up by:

| Subject: Unable to create a table called "trace"

Jokes aside:

I think Pablo didn't like the obvious consequence of having to quote
*all* string types which are user-defined in output. He played with
keeping the quotes as part of the name, so they are sent to the kernel and
in listing they would automatically appear quoted. I don't quite
remember why this was problematic, though.

In general, shells eating the quotes is problematic and users may not be
aware of it. This includes scripts that mangle ruleset dumps by
accident, etc. (Not sure if it is really a problem as we quote some
strings already).

Using JSON, there are no such limits, BTW. I really wonder if there's
really no fix for the bison parser to make it "context aware".

Cheers, Phil




