From 90d4ee087171e75d5313359ad6b6f1341e51ddc5 Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Wed, 29 Aug 2018 16:23:27 +0200 Subject: JSON: Make match op mandatory, introduce 'in' operator This special operator is required for cases where missing operator does not lead to same results as equal operator, i.e. with bitmasks on RHS. Signed-off-by: Phil Sutter Signed-off-by: Pablo Neira Ayuso --- doc/libnftables-json.adoc | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) (limited to 'doc') diff --git a/doc/libnftables-json.adoc b/doc/libnftables-json.adoc index 309988bc..c174a354 100644 --- a/doc/libnftables-json.adoc +++ b/doc/libnftables-json.adoc @@ -577,8 +577,6 @@ processing continues with the next rule in the same chain. Operator indicating the type of comparison. ==== OPERATORS -The operator is usually optional and if omitted usually defaults to "==". -Allowed operators are: [horizontal] *&*:: Binary AND @@ -592,6 +590,17 @@ Allowed operators are: *>*:: Greater than *<=*:: Less than or equal to *>=*:: Greater than or equal to +*in*:: Perform a lookup, i.e. test if bits on RHS are contained in LHS value + +Unlike with standard API, the operator is mandatory here. In standard API, +missing operator may be resolved in two ways depending on the type of expression +on RHS: + +- If RHS is a bitmask or a list of bitmasks, the expression resolves into a + binary operation with not equal operator, like this: '+LHS & RHS != 0+'. +- In any other case, equal operator is simply inserted. + +For the non-trivial first case, JSON API supports *in* operator. === COUNTER [verse] -- cgit v1.2.3