From 48661c54357aea271bf87ab2b6ef907eafc97e9a Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Thu, 23 Nov 2017 15:14:01 +0100
Subject: src: deprecate "flow table" syntax, replace it by "meter"

According to bugzilla 1137: "flow tables" should not be syntactically
unique.

"Flow tables are always named, but they don't conform to the way sets,
maps, and dictionaries work in terms of "add" and "delete" and all that.

They are also "flow tables" instead of one word like "flows" or
"throttle" or something.

It seems weird to just have these break the syntactic expectations."

Personally, I never liked the reference to "table" since we have very
specific semantics in terms of what a "table" is netfilter for long
time.

This patch promotes "meter" as the new keyword. The former syntax is
still accepted for a while, just to reduce chances of breaking things.
At some point the former syntax will just be removed.

Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1137
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Acked-by: Arturo Borrero Gonzalez <arturo@netfilter.org>
---
 tests/py/ip/flowtable.t                               | 2 +-
 tests/py/ip/flowtable.t.payload                       | 2 +-
 tests/py/ip6/flowtable.t                              | 4 ++--
 tests/py/ip6/flowtable.t.payload                      | 4 ++--
 tests/shell/testcases/sets/0022type_selective_flush_0 | 6 +++---
 5 files changed, 9 insertions(+), 9 deletions(-)

(limited to 'tests')

diff --git a/tests/py/ip/flowtable.t b/tests/py/ip/flowtable.t
index 41d5d3bb..7eaf5731 100644
--- a/tests/py/ip/flowtable.t
+++ b/tests/py/ip/flowtable.t
@@ -2,4 +2,4 @@
 
 *ip;test-ip;input
 
-flow table xyz { ip saddr timeout 30s counter};ok
+meter name xyz { ip saddr timeout 30s counter};ok
diff --git a/tests/py/ip/flowtable.t.payload b/tests/py/ip/flowtable.t.payload
index 591abf2b..4dbd03d0 100644
--- a/tests/py/ip/flowtable.t.payload
+++ b/tests/py/ip/flowtable.t.payload
@@ -1,4 +1,4 @@
-# flow table xyz { ip saddr timeout 30s counter}
+# meter name xyz { ip saddr timeout 30s counter}
 xyz test-ip 31
 xyz test-ip 0
 ip test-ip input 
diff --git a/tests/py/ip6/flowtable.t b/tests/py/ip6/flowtable.t
index cf0a6068..7a53f31a 100644
--- a/tests/py/ip6/flowtable.t
+++ b/tests/py/ip6/flowtable.t
@@ -2,5 +2,5 @@
 
 *ip6;test-ip6;input
 
-flow table acct_out { meta iif . ip6 saddr timeout 600s counter };ok;flow table acct_out { iif . ip6 saddr timeout 10m counter}
-flow table acct_out { ip6 saddr . meta iif timeout 600s counter };ok;flow table acct_out { ip6 saddr . iif timeout 10m counter}
+meter name acct_out { meta iif . ip6 saddr timeout 600s counter };ok;meter name acct_out { iif . ip6 saddr timeout 10m counter}
+meter name acct_out { ip6 saddr . meta iif timeout 600s counter };ok;meter name acct_out { ip6 saddr . iif timeout 10m counter}
diff --git a/tests/py/ip6/flowtable.t.payload b/tests/py/ip6/flowtable.t.payload
index d3da5bad..cf2de733 100644
--- a/tests/py/ip6/flowtable.t.payload
+++ b/tests/py/ip6/flowtable.t.payload
@@ -1,4 +1,4 @@
-# flow table acct_out { meta iif . ip6 saddr timeout 600s counter }
+# meter name acct_out { meta iif . ip6 saddr timeout 600s counter }
 acct_out test-ip6 31
 acct_out test-ip6 0
 ip6 test-ip6 input
@@ -6,7 +6,7 @@ ip6 test-ip6 input
   [ payload load 16b @ network header + 8 => reg 9 ]
   [ dynset update reg_key 1 set acct_out timeout 600000ms expr [ counter pkts 0 bytes 0 ] ]
 
-# flow table acct_out { ip6 saddr . meta iif timeout 600s counter }
+# meter name acct_out { ip6 saddr . meta iif timeout 600s counter }
 acct_out test-ip6 31
 acct_out test-ip6 0
 ip6 test-ip6 input
diff --git a/tests/shell/testcases/sets/0022type_selective_flush_0 b/tests/shell/testcases/sets/0022type_selective_flush_0
index f8878f70..87a4c7bc 100755
--- a/tests/shell/testcases/sets/0022type_selective_flush_0
+++ b/tests/shell/testcases/sets/0022type_selective_flush_0
@@ -1,7 +1,7 @@
 #!/bin/bash
 
 # This tests the selectiveness of flush command on structures that use the
-# generic set infrastructure (sets, maps and flow tables).
+# generic set infrastructure (sets, maps and meters).
 
 tmpfile=$(mktemp)
 if [ ! -w $tmpfile ] ; then
@@ -16,7 +16,7 @@ add table t
 add chain t c
 add set t s {type ipv4_addr;}
 add map t m {type ipv4_addr : inet_service;}
-add rule t c tcp dport 80 flow table f {ip saddr limit rate 10/second}
+add rule t c tcp dport 80 meter name f {ip saddr limit rate 10/second}
 " >$tmpfile
 
 $NFT -f $tmpfile
@@ -26,7 +26,7 @@ $NFT -f $tmpfile
 declare -a cmds=(
 		"flush set t m" "flush set t f"
 		"flush map t s" "flush map t f"
-		"flush flow table t s" "flush flow table t m"
+		"flush meter name t s" "flush meter name t m"
 		)
 
 for i in "${cmds[@]}"
-- 
cgit v1.2.3