| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20240902112256.GA3742@breakpoint.cc> Date: Mon, 2 Sep 2024 13:22:56 +0200 From: Florian Westphal <fw@...len.de> To: Donald Hunter <donald.hunter@...il.com> Cc: Florian Westphal <fw@...len.de>, netdev@...r.kernel.org, netfilter-devel <netfilter-devel@...r.kernel.org> Subject: Re: [PATCH net-next] netlink: specs: nftables: allow decode of default firewalld ruleset Donald Hunter <donald.hunter@...il.com> wrote: > Florian Westphal <fw@...len.de> writes: > > > This update allows listing default firewalld ruleset on Fedora 40 via > > tools/net/ynl/cli.py --spec \ > > Documentation/netlink/specs/nftables.yaml --dump getrule > > > > Default ruleset uses fib, reject and objref expressions which were > > missing. > > > > Other missing expressions can be added later. > > > > Improve decoding while at it: > > - add bitwise, ct and lookup attributes > > - wire up the quota expression > > - translate raw verdict codes to a human reable name, e.g. > > 'code': 4294967293 becomes 'code': 'jump'. > > > > Cc: Donald Hunter <donald.hunter@...il.com> > > Signed-off-by: Florian Westphal <fw@...len.de> > > One minor question below, otherwise LGTM. > > Reviewed-by: Donald Hunter <donald.hunter@...il.com> > > > > + name: fib-result > > + type: enum > > + entries: > > + - oif > > + - oifname > > Did you intentionally leave out addrtype from the enum? No, I'm just incompetent. Will send a v2 tomorrow.
Powered by blists - more mailing lists