Hi Igor, On Sun, Nov 04, 2012 at 06:48:10AM +0800, Igor wrote: > Hi, > > I got a ACL from file, when I need to update the ACL, the reload > action really impact the system, is that possible to dynamic update > the ACL without reload?
It's on the todo list to be able to feed ACLs via the unix socket, though it has not been implemented yet. Depending on what you want to do, it is already possible to inject keys for stick-tables on the unix socket. So for example you can have an ACL check the source IP address in a table and act depending on the associated general purpose counters. It's a bit hackish but maybe it helps. Regards, Willy
