@@ -27,11 +27,13 @@ gen_chains () {
local family=$1
local hook=$2
local prioname=$3
+ local device=${4:+device $4}
for i in -11 -10 0 10 11
do
local offset=`format_offset $i`
- $NFT add chain $family x `chainname $hook $prioname $offset` "{ type filter hook $hook priority $prioname $offset; }"
+ local chainname=`chainname $hook $prioname $offset`
+ $NFT add chain $family x $chainname "{ type filter hook $hook $device priority $prioname $offset; }"
done
}
@@ -50,7 +52,6 @@ do
gen_chains $family postrouting srcnat
done
-
family=arp
$NFT add table $family x
for hook in input output
@@ -58,16 +59,9 @@ do
gen_chains $family $hook filter
done
-
family=netdev
$NFT add table $family x
-hook=ingress
-prioname=filter
-for i in -11 -10 0 10 11
-do
- offset=`format_offset $i`
- $NFT add chain $family x `chainname $hook $prioname $offset` "{ type filter hook $hook device lo priority $prioname $offset; }"
-done
+gen_chains $family ingress filter lo
family=bridge
$NFT add table $family x
@@ -75,7 +69,6 @@ for hook in prerouting input forward output postrouting
do
gen_chains $family $hook filter
done
-
gen_chains $family prerouting dstnat
gen_chains $family output out
gen_chains $family postrouting srcnat
Enhance the function to accept an optional fourth parameter specifying the device name, then use it for netdev family. Also remove dubled empty lines and instead put together what belongs together. Signed-off-by: Phil Sutter <phil@nwl.cc> --- tests/shell/testcases/chains/0021prio_0 | 15 ++++----------- 1 file changed, 4 insertions(+), 11 deletions(-)