Hi Pablo,
I was actually playing on my own with libnftables.
>It's easy: dump the chain list, then change the policy on one chain
>for instance, build the message to apply this change, send it...
>
>We haven't hit the bug yet anywhere, because no code does such
>settings change after a dump, but we - or whatever app - surely will
>at some point.
We should document that. I have a patch to add the doxygen doc to
libnftables. I prefer that user is in control of this, instead of
adding internal workarounds to avoid tricky situations.
As you want, but it will complicate things for the user a bit.
Tomasz
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
