Hi Duncan, On Sat, Dec 16, 2017 at 08:22:10PM +1100, Duncan Roe wrote: > Hi, > > For those who contribute to the wiki: > > I updated https://wiki.nftables.org/wiki-nftables/index.php/Flow_tables section > "Doing iptables hashlimit with nft" in light of trying the examples. > > There's more in the associated discussion page, "Notice also that the translator defaults --hashlimit-htable-expire and --hashlimit-burst to 1000 milliseconds and 5 packets respectively so ''timeout 1s'' and ''burst 5 packets'' are inserted. You may remove either or both of these if you wish." I think we can just skip printing default values in the translation, I mean, we can "fix" the translation instead. BTW, this reminds me we should also expose the missing options such as hashlimit-htable-max and hashlimit-htable-gcinterval, those can be exposed too, it just needs some code in nft, I'll add this to my TODO list. Let us know, thanks for reviewing documentation! -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
