Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote: > > + if (nla_put_be32(nlskb, NFT_CT_ID, (__force __be32)id)) > > + goto nla_put_failure; > > + > > + if (status && nla_put_be32(nlskb, NFT_CT_STATUS, htonl(status))) > > + goto nla_put_failure; > > NFT_CT_* is enum nft_ct_keys which is not intended to be used as > netlink attribute. > > NFT_CT_STATE is 0 which is usually reserved for _UNSPEC in netlink > attribute definitions. > > My suggestion is that you define new attributes for this, it is > boilerplate code to be added to uapi. In that case I would prefer not to use NESTED attribute for this, i.e.: * @NFTA_TRACE_CT_ID: connection tracking information (NLA_U32) * @NFTA_TRACE_CT_STATUS: connection tracking information (NLA_U32) * @NFTA_TRACE_CT_STATE: connection tracking information (NLA_U32) ... and so on. I see no potential for attribute re-use. The only argument for NESTED is that userspace can check for presence of NFTA_TRACE_CT/NESTED instead of checking each ct trace attr in sequence. Whats you preference?
