On Tue, Nov 24, 2015 at 11:28:41AM +0100, Florian Westphal wrote: > Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote: > > BTW, do we really want to use the default NFNLGRP_NFTABLES group? > > > > multicast group provide a simple way for filtering out what you don't > > need from kernelspace. And you can still subscribe both groups > > NFNLGRP_NFTABLES and NFNLGRP_NFTABLES_TRACE. > > > > I'm telling this when thinking of nft-sync. Why should it be receiving > > this spamming tracing events when it only cares about ruleset updates? > > I can add a new group but nftables will need to subscribe to both > in trace mode since we need to see new rules... I'm talking about applications that may not need to subscribe both, eg. nft-sync will only need to subscribe to rule updates, he doesn't care about traces. I think nft should have the ability to subscribe only rule updates only as well. You can subscribe as many groups at the same time in netlink as you want. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
