Hi Anders, 2016-10-23 0:08 GMT+08:00 Anders K. Pedersen | Cohaesio <akp@xxxxxxxxxxxx>: [...] > But ct_expr_update_type is only used during the netlink_delinearize > postprocess step, and that causes problems, when it is used in > combination with flow statements as described in other mail. I think this is a bug and should be fixed. > Would you object to dropping (i.e. kernel will not require it and > userspace will not include it) the NFTA_RT_FAMILY attribute for ip and > ip6 families, but unconditionally including it for the inet family? After I read your and Pablo's explanation, now I'm not sure which one is better. :) Maybe from this rt nexthop expression, we can get a relatively consistent way to handle the INET family properly, either explicitly add a _FAMILY_ attribute, or just like ct original saddr, completely handle it properly in the nft utility. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
