Laura Garcia <[email protected]> wrote: > On Thu, Jul 28, 2016 at 01:01:05AM +0200, Florian Westphal wrote: > > How exactly is this used by nftables? > > > > AFAIU usespace will check if ->dreg is 0 or not, but does that make > > sense? > > > > Seems to me it would be more straightforward to not use a dreg at all > > and just NFT_BREAK if nval != 0? > > > > The main idea is to provide a round robin like scheduling method, for > example: > > ip daddr <ipsaddr> dnat nth 3 map { > 0: <ipdaddrA>, > 1: <ipdaddrB>, > 2: <ipdaddrC> > } >
That makes sense, would be nice to place a small blurb in the commit message. > > Otherwise this looks good to me, except that I think we should consider > > putting this in nft_meta.c instead of a new module. > > AFAIK meta is more to set or get metainformation from a certain > packet. I consider this expression is closer to counter, but with a > resetting value. Ok, fair enough. Thanks, Florian -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
