[pkg-netfilter-team] Bug#935858: nftables: lacks documentation

westlake westlake2012 at videotron.ca
Wed Aug 28 21:35:04 BST 2019 

actually there's still no mention of chain names able to be stored in 
capitals.

The migratory tools automatically make capitals from iptables, and users 
would be tempted to try out documented commands. (even the link provided 
says nothing)

.. so you re-consider adding this as a side-note.

new users are tempted to try,
"nft list chain filter output
Error: No such file or directory
list chain filter output
            ^^^^^^
"

the nft syntax is difficult to grasp, and the output here is not even clear.

If the output (I would say upstream is to blame)  was actually more 
clear, then I would not need to report on confusion about this, and not 
have to dwell on telling you to provide some insight on what migratory 
tools actually do.

The fact that error output and online documentation mentions nothing 
about having capitals for chain names, is the reason why I decided to 
file this report.

The fact that many users also use migratory tools and likely face this 
same issue, is another reason why I think many users would actually 
benefit from a note or two in the README.Debian file.

You should take the perspective that new adopters face this issue, and 
that I wouldn't be the only one facing this.

Let it not be a main reason why NFT has not been widely adopted on 
Debian, because the least thing you could have done is to show me where 
I am wrong.

Show me where it is documented. Show me where it says that chain names 
can be in capitals.

Otherwise document it in README.Debian.

^ It's a Debian policy, and if you don't do it, then I will have to 
complain to the top leader about you being such a baby and revoke your 
abilities in maintaining this package.

You also closed my other bugreport without a real good explanation on 
why you need to have nft binary executables at the header of .conf 
files.  To me that is not just silly but impractical.  Online 
documentation sources mention about using "nft list ruleset > 
nftables.conf" and effectively that overwrites the header.

Use a bit of logic in maintaining this package.

thanks

More information about the pkg-netfilter-team mailing list