[Bug 1711] Named sets - Use flags interval and dynamic
bugzilla-daemon at netfilter.org
bugzilla-daemon at netfilter.org
Thu Oct 5 16:52:02 CEST 2023
https://bugzilla.netfilter.org/show_bug.cgi?id=1711
Eric Fahlgren <evil.function at proton.me> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |evil.function at proton.me
--- Comment #2 from Eric Fahlgren <evil.function at proton.me> ---
To the best of my knowledge, interval sets are implicitly dynamic (i.e., you
can add and delete elements arbitrarily). In order to change this behavior and
create a constant sized set, you'd state exactly that using the "constant"
flag:
$ nft add set ip filter FOO-N '{ type ipv4_addr; flags interval, constant;
elements = { 10.0.0.0/24 } }'
And then:
$ nft add element ip filter FOO-N '{ 100.1.1.0/24 }'
Error: Could not process rule: Too many open files in system
add element ip filter FOO-N { 100.1.1.0/24 }
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Leave out "constant" and the "add element" works just fine (as will "delete
element").
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20231005/54ff63af/attachment.html>
More information about the netfilter-buglog
mailing list