On 08/12/21 15:25, G.W. Haywood wrote:
Hi there,
On Tue, 7 Dec 2021, Daniel wrote:
myhandle=$(echo `$nft -sa list chain $1 $2 $3 |grep -F $4|grep -oP
'(# handle ).*'`|cut -d " " -f 3)
To me, quite apart from the reliance on a bunch of system utilities
which I'd really prefer to avoid in an operation of this kind, that
looks unnecessarily complex and rather fragile.
This whole discussion suggests that something is missing from nft.
Yes, its a blocker for me.
As a workaround I switched from iptables-legacy to iptables-nft. (So
atleast I am using nft backend)
Irony is that iptables (nft backend) can actually delete the matching
rule (via -D option) but native nft itself can not delete a matching rule.
Regards
Amish.
