Hi,
On Wed, Nov 28, 2018 at 02:51:54PM +0100, Pablo Neira Ayuso wrote:
> On Wed, Nov 28, 2018 at 02:21:01PM +0100, Phil Sutter wrote:
> > Hi Pablo,
> >
> > On Fri, Nov 23, 2018 at 01:35:17PM +0100, Pablo Neira Ayuso wrote:
> > > On Fri, Nov 23, 2018 at 12:25:45PM +0100, Florian Westphal wrote:
>
On Wed, Nov 28, 2018 at 02:21:01PM +0100, Phil Sutter wrote:
> Hi Pablo,
>
> On Fri, Nov 23, 2018 at 01:35:17PM +0100, Pablo Neira Ayuso wrote:
> > On Fri, Nov 23, 2018 at 12:25:45PM +0100, Florian Westphal wrote:
> > > Phil Sutter wrote:
> > > > > If user doesn't want it cleared at
Hi Pablo,
On Fri, Nov 23, 2018 at 01:35:17PM +0100, Pablo Neira Ayuso wrote:
> On Fri, Nov 23, 2018 at 12:25:45PM +0100, Florian Westphal wrote:
> > Phil Sutter wrote:
> > > > If user doesn't want it cleared at nftnl_chain_free() time they can
> > > > always allocate a new nftnl_rule_list and
On Fri, Nov 23, 2018 at 01:35:17PM +0100, Pablo Neira Ayuso wrote:
> On Fri, Nov 23, 2018 at 12:25:45PM +0100, Florian Westphal wrote:
> > Phil Sutter wrote:
> > > > If user doesn't want it cleared at nftnl_chain_free() time they can
> > > > always allocate a new nftnl_rule_list and splice to
On Fri, Nov 23, 2018 at 12:25:45PM +0100, Florian Westphal wrote:
> Phil Sutter wrote:
> > > If user doesn't want it cleared at nftnl_chain_free() time they can
> > > always allocate a new nftnl_rule_list and splice to that list.
> >
> > Good point. What do you think about the simple approach of
Phil Sutter wrote:
> > If user doesn't want it cleared at nftnl_chain_free() time they can
> > always allocate a new nftnl_rule_list and splice to that list.
>
> Good point. What do you think about the simple approach of introducing:
>
> | struct nftnl_rule_list *nftnl_chain_get_rule_list(const
On Fri, Nov 23, 2018 at 07:49:49AM +0100, Florian Westphal wrote:
> Phil Sutter wrote:
> > In order to improve performance in 'nft -f' as well as xtables-restore
> > with very large rulesets, we need to store rules by chain they belong
> > to. In order to avoid pointless code duplication, this
Phil Sutter wrote:
> In order to improve performance in 'nft -f' as well as xtables-restore
> with very large rulesets, we need to store rules by chain they belong
> to. In order to avoid pointless code duplication, this should be
> supported by libnftnl.
Unfortunately we still need to change