Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add all nftables families as a valid noflush pattern #142

Merged
merged 1 commit into from
Aug 25, 2022
Merged

Add all nftables families as a valid noflush pattern #142

merged 1 commit into from
Aug 25, 2022

Conversation

luisfdez
Copy link

@luisfdez luisfdez commented Jul 26, 2022
edited
Loading

Pull Request (PR) description

Nftables has a bridge family (Bridge filtering) that replaces ebtables functionality.

In some case, it might be useful to avoid flushing rules defined in the associated table. However, this is not possible at the moment as the regular expression doesn't match the name.

This patch extends the regular expression defining the noflush_tables parameter type to accept all possible families supported by nftables as per: https://wiki.nftables.org/wiki-nftables/index.php/Nftables_families

This Pull Request (PR) fixes the following issues

N/A

@smortex
Copy link
Member

smortex commented Aug 4, 2022

A unit test that can detect regressions in future releases would be awesome!

@luisfdez
Copy link
Author

luisfdez commented Aug 9, 2022

A unit test that can detect regressions in future releases would be awesome!

Sure @smortex , will do.

Thanks for taking a look.

@luisfdez luisfdez force-pushed the feat/noflush-bridge branch 3 times, most recently from 8819a35 to 0a47ed6 Compare August 19, 2022 12:41
Add all families as a valid noflush pattern
1fd3f55 
nftables has more valid families than the ones currently accepted by the
module.

This patch adds support for all the families currently supported as per
the documentation at:
https://wiki.nftables.org/wiki-nftables/index.php/Nftables_families
@luisfdez luisfdez changed the title Add 'bridge' preffix as a valid noflush pattern Add all nftables families as a valid noflush pattern Aug 19, 2022
@luisfdez
Copy link
Author

@smortex @traylenator

I have added some tests and expanded the area of the patch:

  • It now adds support to all the families that nftables support. Sooner of later someone will face the same situation for a missing family, so I added all of them.
  • I updated the tests to iterate through all the valid types and check them. Additionally, there is a test to make sure that wrong names are not allowed.

Let me know if you have any feedback or improvements.

@bastelfreak bastelfreak added the enhancement New feature or request label Aug 22, 2022
@traylenator traylenator merged commit 500ffee into voxpupuli:master Aug 25, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@traylenator traylenator traylenator approved these changes

Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@luisfdez @smortex @traylenator @bastelfreak