Re: [PATCH v11 19/23] pesto, conf, fwd_rule: Add options and modes to add, delete, clear rules

[David Gibson <david@gibson.dropbear.id.au>]

[-- Attachment #1: Type: text/plain, Size: 2556 bytes --]

On Thu, May 07, 2026 at 04:10:33AM +0200, Stefano Brivio wrote:
> On Thu, 7 May 2026 09:51:10 +1000
> David Gibson <david@gibson.dropbear.id.au> wrote:
> 
> > On Wed, May 06, 2026 at 11:31:51PM +0200, Stefano Brivio wrote:
> > > Instead of just being able to add to the existing tables, implement
> > > an explicit --clear option to replace them, which now becomes the
> > > default behaviour, and implement explicit --add and --delete options
> > > to maintain the table and add or delete specific ports.
> > > 
> > > The option --clear PIF forces the clearing of a table, instead.
> > > 
> > > These options can be combined arbitrarily and are handled as
> > > sequential commands, as now described in pesto(1).
> > > 
> > > If no option is given before forwarding specifiers for a matching
> > > table, the command line is interpreted as a replacement of the
> > > existing rules.
> > > 
> > > To this end:
> > > 
> > > - there's no protocol change, as pesto is anyway sending updated
> > >   copies of the table
> > > 
> > > - the forwarding table functions now include a new fwd_rule_del(),
> > >   which deletes existing rule only if a matching one is found
> > > 
> > > - a trivial fwd_rule_clear() is factored out from the existing
> > >   conf_handler() implementation, so that it can be directly used
> > >   in pesto
> > > 
> > > The entry points for parsing of port specifiers now take an additional
> > > 'del' parameter which is passed down all the way before reaching the
> > > fwd_rule_add() implementation. If a rule should be deleted, at that
> > > point, fwd_rule_del() is called instead.
> > > 
> > > Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
> > > Reviewed-by: Laurent Vivier <lvivier@redhat.com>  
> > 
> > Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
> > 
> > Several concerns below, but they can all be addressed as follow ups.
> 
> Just to set expectations: I won't take care of those, mostly because
> there are actual blocking issues (not with this series, they would also
> be follow up) that I'm trying to take care of instead, see e.g.:

Makes sense.

>   https://github.com/containers/container-libs/pull/755#issuecomment-4392427315
> 
> so you'll need to follow up with patches, in case (and expect delays in
> reviews).

Yes, that's what I expected.

-- 
David Gibson (he or they)	| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au	| minimalist, thank you, not the other way
				| around.
http://www.ozlabs.org/~dgibson

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]