On Thu, 9 Aug 2018, Akshat Kakkar wrote: > Thanks for the info. nftables set infra lacks lot of things specially > interfaces. Besides, I just dont want to develop new ipsets, but also > want to extend its functionality so as to include rule decision, natted > ips, etc.As you have already asked the question in place of me, I > appreciate your effort once again. No, that's a totally wrong way. ipset is independent from iptables/ip6tables: you cannot refer to a match/target/chain from ipset. It also makes no sense to reimplement those in ipset. If you miss functionality in nftables compared to ipset, then invest your energy in nftables instead. Dictionaries, maps are already there. Best regards, Jozsef - E-mail : kadlec@xxxxxxxxxxxxxxxxx, kadlecsik.jozsef@xxxxxxxxxxxxx PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt Address : Wigner Research Centre for Physics, Hungarian Academy of Sciences H-1525 Budapest 114, POB. 49, Hungary -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
