On Fri, Aug 03, 2018 at 10:55:33AM +0200, Máté Eckl wrote:
> This patch adds the possibility to use textual names to set the chain priority
> to standard values so that numeric values do not need to be learnt any more
> for
> basic usage.
>
[...]
> Example:
> nft> add table ip x
> nft> add chain ip x y { type filter hook prerouting priority raw; }
> nft> add chain ip x z { type filter hook prerouting priority mangle + 1; }
> nft> add chain ip x w { type filter hook prerouting priority dstnat - 5; }
> nft> add chain ip x r { type filter hook prerouting priority filter + 10; }
> nft> add chain ip x t { type filter hook prerouting priority security; }
> nft> add chain ip x q { type filter hook postrouting priority srcnat + 11; }
> nft> add chain ip x h { type filter hook prerouting priority 15; }
Applied, thanks Máté. BTW, can we have automated tests for this?
[...]
> nft> add chain ip x h { type filter hook prerouting priority first; }
> Error: 'first' is invalid priority in this context.
> add chain ip x h { type filter hook prerouting priority first; }
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
BTW, now that you have added a prio_spec object, you can place the
struct location there and store the position from the parser, so we
can perform better error reporting, eg.
nft> add chain ip x h { type filter hook prerouting priority first; }
Error: 'first' is invalid priority in this context.
add chain ip x h { type filter hook prerouting priority first; }
^^^^^^^^^^^^^^
Thanks.
