<html>
<head>
<base href="https://bugzilla.netfilter.org/" />
</head>
<body><table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Bug ID</th>
<td><a class="bz_bug_link
bz_status_NEW "
title="NEW - [sets] improve context checks (against already primed sets)"
href="https://bugzilla.netfilter.org/show_bug.cgi?id=1474">1474</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>[sets] improve context checks (against already primed sets)
</td>
</tr>
<tr>
<th>Product</th>
<td>nftables
</td>
</tr>
<tr>
<th>Version</th>
<td>unspecified
</td>
</tr>
<tr>
<th>Hardware</th>
<td>arm
</td>
</tr>
<tr>
<th>OS</th>
<td>Debian GNU/Linux
</td>
</tr>
<tr>
<th>Status</th>
<td>NEW
</td>
</tr>
<tr>
<th>Severity</th>
<td>normal
</td>
</tr>
<tr>
<th>Priority</th>
<td>P5
</td>
</tr>
<tr>
<th>Component</th>
<td>nft
</td>
</tr>
<tr>
<th>Assignee</th>
<td>pablo@netfilter.org
</td>
</tr>
<tr>
<th>Reporter</th>
<td>vtolkm@gmail.com
</td>
</tr></table>
<p>
<div>
<pre>kernel 5.9.0-rc6 armv7l | nft 0.9.6
_____
With two config files, one being the main config and another one to be loaded
on a certain node condition after the main config being already in play. Both
however with rules that refer to the same named set that is being loaded
initially with the main config.
The set in question:
set t_u {
type inet_proto
flags constant
counter
size 2
elements = { 6, 17 }
}
Trying to prime the secondary conf with nft -f, not flushing the main conf, it
produces:
Error: No such file or directory
It seems that NFT is checking only within the context of the secondary conf but
not against the already primed (main) conf.
Copying the named set from main conf to the secondary conf however then
produces a clash with the already primed (main) conf:
Error: Could not process rule: Resource busy
It would make sense that NFT checks not only within the context of the conf
file but also against a conf that is already primed.
The way it is now one has to generate a (redundant) set named differently to
get it working with the secondary conf.</pre>
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are watching all bug changes.</li>
</ul>
</body>
</html>