[Bug 1470] [sets] improve flags combination
bugzilla-daemon at netfilter.org
bugzilla-daemon at netfilter.org
Thu Dec 3 15:29:19 CET 2020
https://bugzilla.netfilter.org/show_bug.cgi?id=1470
--- Comment #1 from Pablo Neira Ayuso <pablo at netfilter.org> ---
(In reply to vtolkm from comment #0)
> kernel 5.9.0-rc6 armv7l | nft 0.9.6
>
> -----
>
> in set this this works:
>
> flags dynamic, timeout
>
> does not work:
>
> flags dynamic, timeout, interval
This reads as, I would to have a set that:
- it is going to be updated from the packet path
- entries have a timeout
- entries are composed of an internal (prefix or range)
> producing:
>
> Error: Could not process rule: Not supported
>
> ----
>
> having looked up wiki & man there is no mentioning that flags are mutually
> or otherwise exclusive and thus assumed that any given combination to work.
Kernel does not support for updating an interval set from the packet path,
hence the EOPNOTSUPP.
Should we document that interval and dynamic is not supported?
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20201203/affcaf86/attachment.html>
More information about the netfilter-buglog
mailing list