On Wed, Jul 12, 2017 at 09:05:45PM +0200, Phil Sutter wrote: > On Wed, Jul 12, 2017 at 06:30:47PM +0200, Arturo Borrero Gonzalez wrote: [...] > > Could this logic be merged into that function? My goal is to only > > print from one code path. > > Yes, that makes sense. I found it too cumbersome to squeeze the > additional logic into netlink_events_setelem_cb(), hence why I went with > a separate function. I'll give it another try. In doubt I'll move the > printing logic into a separate function to be called from both places. > > I'll prepare a v2 tomorrow, also merging the previous two patches as > suggested.
Just a quick status update: It's a mess. ;) There are so many different cases, I actually started drawing flow diagrams (can't remember when I did that last time). In addition to what we discussed already, I realized that via 'nft -f', I can make multiple changes to even different sets within a single transaction - this requires dealing with cached half-open ranges everywhere, not just in NEWGEN callback. Another trap is 'nft flush set': The elements are reported in reverse order. Anyway, I have something that seems to work but needs quite some cleanup before I dare to publish it. :) I should probably look into ways to write tests for this to get all the cases covered. Cheers, Phil -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
