On Fri, 1 Oct 2021 20:16:17 -0500 Matt Zagrabelny <mzagrabe@xxxxxxxxx> wrote: > Hello, > > I'd like to do something like the following: > > if exists $named_set > nft add rule ip filter output ip daddr $named_set accept > else > nft add rule ip filter output ip daddr $default_set accept > > Does anyone know if I can accomplish this with nftables? > > Thanks, > > -m The output of nft isn't particularly amenable to parsing unless it is instructed to produce JSON. The simplest way is to act upon the exit status value of a list set command. if nft --terse list set ip filter "$named_set" >/dev/null 2>&1; then ... -- Kerin Millar
