On Thu, Mar 27, 2014 at 10:53:16PM +0100, Pablo Neira Ayuso wrote: > This patch speeds up rule-set updates and it helps to leave chains > in consistent state when processing a batch. Note this patch does > not introduce a way to revert chain updates, eg. counter or default > policy changes. Also it doesn't seem to handle chain renames. I think this is a conceptual shortcoming, there's no way to implement updates properly by just storing the chain in the transaction, we need to store the actual actions to be performed. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
