On 06.08, Pablo Neira Ayuso wrote: > > That might work if the message ordering is then guaranteed. However I think > > we can fix this case without changing NEWGEN. Let me think about that a bit, > > for now just taking care of the genid checks correctly seems like a good > > step forward. > > But we can catch this problem through ->res_id, OK? Have to look at it in detail. Currently sitting at the airport, will take me a bit. > > BTW, we also need to adjust loop detection to only take into account > > active rules, active chains, active sets etc. > > Indeed, thanks Patrick. > > Will you take care of this? It would be great to have a fix for these > in this merge window. On top of that, I have a patchset here to add Sure. I already have this in my patches, however I'll wait for your new patchset so I can test on top of it. > named expressions as you suggested as a generic way to implement named > counters (or any other stateful expression) and I need that this is > fixed first so I don't need to add another ugly _INACTIVE flag to the > nft_nexpr object. > > Let me know, thanks! I agree, the _INACTIVE flags need to go. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
