Re: nftables add vs replace

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




Actually, after your patch and Arturo's, it could be possible to
improve the ruleset management so
it would use create/add/replace accordingly.

Though it means it would need to dump first the targeted
tables/chains to do so,
thus I am not sure how relevant is my blabbering from performance
point of view.
How would that work? Dumping rules, flushing the old ones and reinstalling
them is prone to race conditions.

There would be no flushing involved.
Comparing the dump vs the input ruleset you would know what to remove/replace/add.

But maybe there is no benefit from that anyway.

Tomasz

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux