[Bug 1314] nft reset quotas does not reset anonymous quotas

bugzilla-daemon at netfilter.org bugzilla-daemon at netfilter.org
Tue Jan 28 22:47:41 CET 2020


https://bugzilla.netfilter.org/show_bug.cgi?id=1314

--- Comment #5 from kfm at plushkava.net ---
(In reply to Pablo Neira Ayuso from comment #4)
> The question is if we want to have a fine grain to reset anonymous stateful
> information, or just 'nft reset ruleset' to reset all stateful information
> (including quotas and counters) is fine.
> 
> What would you prefer?

Personally, I'd like for it to be as granular as is reasonably possible i.e.
more or less achieving feature parity with iptables -Z. I go into specific
detail in the other bug, including some suggestions as to how the nft syntax
could look for granular reset actions.

That said, I appreciate that this might not be trivial to implement or that it
cannot necessarily be considered as a development priority. As the first course
of action, if both of "nft reset quotas" and "nft reset counters" were to cover
all anonymous instances, that would address this bug, along with one of the
requests that I made in bug 1401. In and of itself, that would be a nice
improvement.

If anyone can figure out how to support granular actions thereafter, then so
much the better.
