On Tue, Oct 02, 2018 at 02:17:14AM +0900, Taehee Yoo wrote:
> When device is unregistered, flowtable flush routine is called
> by notifier_call(nf_tables_flowtable_event). And exit callback of
> nftables pernet_operation(nf_tables_exit_net) also has flowtable flush
> routine. But when network namespace is destroyed, both notifier_call
> and pernet_operation are called. Hence flowtable flush routine in
> pernet_operation is unnecessary.
>
> test commands:
>    %ip netns add vm1
>    %ip netns exec vm1 nft add table ip filter
>    %ip netns exec vm1 nft add flowtable ip filter w \
>      { hook ingress priority 0\; devices = { lo }\; }
>    %ip netns del vm1

Applied, thanks for explaining.