Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote: > I was thinking on the case in which we are setting bits via the > connlabel extension and modifying this from ctnetlink at the same > time. Indeed, in that case we might scribble over a bit that has been set the instant before. And yes, this might be a problem. The only way to fix it (AFAICS) would be to add a new interface to allow (un)setting specific bits from userspace, so that userspace could request "set this bit" or "clear that bit", rather than the current "dump/modify/replace" cycle. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
