Hi, On Thu, May 2, 2019 at 9:46 AM Florian Westphal <fw@xxxxxxxxx> wrote: > > Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx> wrote: > > I understand your point, but this is a regression. Ignoring a field/attribute of > > a netlink message is part of the uAPI. This field exists for more than a decade > > (probably two), so you cannot just use it because nobody was using it. Just see > > all discussions about strict validation of netlink messages. > > Moreover, the conntrack tool exists also for ages and is an official tool. > > FWIW I agree with Nicolas, we should restore old behaviour and flush > everything when AF_INET is given. We can add new netlink attr to > restrict this. I agree with both of you. Unless anyone beats me to it, I will try to have a fix ready during the weekend. BR, Kristian
