Hi Pablo, I'm wondering what the rational for the current cache update behaviour is. The changelog states it is somehow related to the requested command, but that doesn't seem to be true. Even "nft describe" fails with EPERM as user since the cache appears to be initialized unconditionally, which is a bit unfortunate. Also I used to test things parsing, evaluation and even netlink generation without actually adding those rules as user, which does not work anymore. This might be harder to get working again, but I'm not sure why we do a full initialization anyways. The only thing that appears to be needed are sets, and those only in some specific circumstances. Cheers, Patrick -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
