2014-11-24 12:55 GMT+01:00 Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>: > On Fri, Nov 21, 2014 at 09:22:00AM +0100, Bjørnar Ness wrote: >> Is support for named vmaps removed from nft? Running kernel 3.18.0-rc5 >> [ ... ] > > I have updated the documentation: > > http://wiki.nftables.org/wiki-nftables/index.php/Dictionaries > > Please, let me know if you find any mistake on it. Thanks. This works, thanks Pablo! A few comments, tho: Is it possible/planned to make counters work with sets/vmaps? nft add rule filter input ip saddr vmap @my_vmap counter will not work since it counts too late (never) Is the following planned: 1) individual element counters 2) comments for elements 3) element timeout Also, negative set/vmap lookup does not seem to work, I would like the following functionality nft insert rule filter forward ip saddr !@ignorelist ip saddr @blocklist drop Best regards, -- Bj(/)rnar -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
