<>
Hi Jozsef,
Thank you. Yes, that is true, the count can still be incorrect in the
case of a huge set.
Thanks,
Vishwanath
On 09/11/2017 03:36 PM, Jozsef Kadlecsik wrote:
> Hi,
>
> Your patch is applied in the ipset git tree and I'm going to push it for
> kernel inclusion.
>
> I modified the
Hi Pablo,
Here follows a few ipset patches for the nf-next tree:
* Merge assignment and simplify return in a fuction by Simran Singhal
* Fix a sparse warning from me
* Deduplicate prefixlen maps by Aaron Conole
* Fix the outdated element counter for sets with timeout by Vishwanath Pai
Please
Signed-off-by: Jozsef Kadlecsik
---
net/netfilter/ipset/ip_set_hash_ipportnet.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/netfilter/ipset/ip_set_hash_ipportnet.c
b/net/netfilter/ipset/ip_set_hash_ipportnet.c
index 5ab1b99..24bf558 100644
From: Aaron Conole
The prefixlen maps used here are identical, and have been since
introduction. It seems to make sense to use a single large map,
that the preprocessor will fill appropriately.
Signed-off-by: Aaron Conole
Signed-off-by: Jozsef Kadlecsik
Hi,
Your patch is applied in the ipset git tree and I'm going to push it for
kernel inclusion.
I modified the comment part: the elements counter can still be incorrect
in the case of a huge set, because elements might time out during the
listing.
Thanks for your patience!
Best regards,
This new operation allows to import ruleset in json to make
incremental changes using the parse functions of libnftnl.
A basic way to test this new functionality is:
% cat file.json | nft import json
where the file.json is a ruleset exported in json format.
Highly based on work from Alvaro
On Fri, Sep 08, 2017 at 01:55:36PM +0200, Pablo Neira Ayuso wrote:
> On Wed, Sep 06, 2017 at 02:39:50PM +0200, Florian Westphal wrote:
> > This reverts the conversion of the nat bysource table to rhlist that
> > I did last year.
> >
> > It was a bad idea to begin with.
> >
> > Fast lookup is not
>> This new operation allows to import ruleset in json to make
>> incremental changes using the parse functions of libnftnl.
>>
>> A basic way to test this new functionality is:
>>
>> % cat file.json | nft import json
>>
>> where the file.json is a ruleset exported in json format.
>>
>> Highly
On 10 September 2017 at 14:31, Shyam Saini wrote:
> This new operation allows to import ruleset in json to make
> incremental changes using the parse functions of libnftnl.
>
> A basic way to test this new functionality is:
>
> % cat file.json | nft import json
>
> where
10 matches
Mail list logo