Phil Sutter wrote:
> When e.g. ebtables-nft detects an incompatible table, a stray '.' was
> printed as last line of output:
>
> | # ebtables-nft -L
> | table `filter' is incompatible, use 'nft' tool.
> | .
>
> This comes from ebtables' own exit_err callback. Instead use the common
> one which
When e.g. ebtables-nft detects an incompatible table, a stray '.' was
printed as last line of output:
| # ebtables-nft -L
| table `filter' is incompatible, use 'nft' tool.
| .
This comes from ebtables' own exit_err callback. Instead use the common
one which also provides useful version
arm-openwrt-linux-gnueabi-gcc -D_LARGEFILE_SOURCE=1 -D_LARGE_FILES
-D_FILE_OFFSET_BITS=64 -D_REENTRANT
-DXTABLES_LIBDIR=\"/usr/lib/iptables\" -DXTABLES_INTERNAL -I../include
-I.. -I../include -I..
On Fri, Nov 23, 2018 at 01:35:17PM +0100, Pablo Neira Ayuso wrote:
> On Fri, Nov 23, 2018 at 12:25:45PM +0100, Florian Westphal wrote:
> > Phil Sutter wrote:
> > > > If user doesn't want it cleared at nftnl_chain_free() time they can
> > > > always allocate a new nftnl_rule_list and splice to
On Fri, Nov 23, 2018 at 12:25:45PM +0100, Florian Westphal wrote:
> Phil Sutter wrote:
> > > If user doesn't want it cleared at nftnl_chain_free() time they can
> > > always allocate a new nftnl_rule_list and splice to that list.
> >
> > Good point. What do you think about the simple approach of
Phil Sutter wrote:
> > If user doesn't want it cleared at nftnl_chain_free() time they can
> > always allocate a new nftnl_rule_list and splice to that list.
>
> Good point. What do you think about the simple approach of introducing:
>
> | struct nftnl_rule_list *nftnl_chain_get_rule_list(const
On Fri, Nov 23, 2018 at 07:49:49AM +0100, Florian Westphal wrote:
> Phil Sutter wrote:
> > In order to improve performance in 'nft -f' as well as xtables-restore
> > with very large rulesets, we need to store rules by chain they belong
> > to. In order to avoid pointless code duplication, this
