Re: nft newbie
On Thu, Jul 07, 2022 at 10:45:00AM +0200, Erwan David wrote:
> Le 07/07/2022 à 10:11, Roger Price a écrit :
> > Newbie 3: The configuration file begins with the Bash shebang
> > #!/usr/sbin/nft -f but the Debian 11 man page for nftables says
> >
> > -f, --file filename Read input from filename. If filename is -, read
> > from stdin.
> >
> > and doesn't mention omitting the filename. I'm guessing that -f with no
> > file name means "read from the remainder of this file". Is this
> > correct?
>
> It's very old for me (I began unix in 1990) but in my understanding when a
> file begins wth a shebang the line after the shebang is completed with the
> path to the file and the full line is then executed, thus You'll end with a
> command line of /usr/sbin/nft -f /etc/nftables.conf
That's correct. That's how shebangs work.
If you take a typical shell script, which begins with #!/bin/sh, and
you execute that, you'll end up with the kernel running a command such
as
/bin/sh ./myscript
for you. Likewise, a perl script will end up executing something like
/usr/bin/perl /usr/bin/perlscript
and so on. You are allowed to have one (1) argument word after the
interpreter name on a shebang line. In the case of your nft script,
that option happens to be -f. This will also be required for awk
scripts (with a shebang of #!/usr/bin/awk -f) and so on.
Reply to: