[Bug 1439] Atomically updating/reloading a large set with nft -f is excessively slow
bugzilla-daemon at netfilter.org
bugzilla-daemon at netfilter.org
Thu Jul 30 04:48:26 CEST 2020
https://bugzilla.netfilter.org/show_bug.cgi?id=1439
--- Comment #8 from Pablo Neira Ayuso <pablo at netfilter.org> ---
Testing with nftables at 7c9bef0c
# nft add table inet filter
# nft add set inet filter ipv6_bogons { type ipv6_addr\; flags interval\; }
# nft list ruleset
table inet filter {
set ipv6_bogons {
type ipv6_addr
flags interval
}
}
... download your bogons tarball, decompress
# nft -f ipv6_bogons.nft
... few seconds
# nft -f ipv6_bogons.nft
... few seconds
# nft list ruleset | wc -l
113210
Are you sure you are running a fresh nft binary?
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20200730/e420c45e/attachment.html>
More information about the netfilter-buglog
mailing list