On Thu, Nov 16, 2023 at 4:14 PM Kerin Millar <kfm@xxxxxxxxxxxxx> wrote: > > On Wed, 15 Nov 2023 13:33:05 -0500 > Brian Davidson <davidson.brian@xxxxxxxxx> wrote: > > > The man page states that meta time and meta hour optionally accept > > seconds, but I get errors on v1.0.6 or v1.0.8. meta time doesn't even > > like the dash date separator. > > > > # nft -c add rule inet t c meta hour "17:00:01" drop > > Error: syntax error, unexpected colon, expecting end of file or > > newline or semicolon > > add rule inet t c meta hour 17:00:01 drop > > ^ > > 17:00:01 is only accepted if double quoted, implying that the parser otherwise considers it to be something other than a string. This may or may not be a defect. > > Note that the double quotes given to your shell accomplished nothing. Instead, compare the following two commands, the first of which is equivalent to the command that you attempted. > > # nft -c 'add rule inet t c meta hour 17:00:01 drop' > # nft -c 'add rule inet t c meta hour "17:00:01" drop' > > > # nft -c add rule inet t c meta time "2023-12-24 17:00:01" drop > > Error: syntax error, unexpected -, expecting end of file or newline or semicolon > > add rule inet t c meta time 2023-12-24 17:00:01 drop > > ^ Ah, of course! I usually only think of single quoting the rule when braces or semi-colons are involved. Escaping the quotes also works for me: # nft -c add rule inet t c meta hour \"17:00:01\" drop > Similarly, the timestamp needs to be double quoted at the point that nft encounters it. > > # nft -c 'add rule inet t c meta time "2023-12-24 17:00:01" drop' > > In this instance, such a requirement is easier to fathom. Presumably, 2023-12-24 and 17:00:01 are otherwise considered as two tokens that are not connected with one another. > > In both cases, I would describe the error reporting as being poor. > > -- > Kerin Millar
