On Wed, May 22, 2019 at 09:44:06PM +0200, Phil Sutter wrote: > When batching up multiple commands, one may run into a situation where > the current command requires a cache update while the previous ones > didn't and that causes objects added by previous commands to be removed > from cache. If the current or any following command references any of > these objects, the command is rejected. > > Resolve this by copying Florian's solution from iptables-nft: After > droping the whole cache and populating it again with entries fetched > from kernel, use the current list of commands to restore local entries > again. > > Signed-off-by: Phil Sutter <phil@xxxxxx> > --- Acked-by: Eric Garver <eric@xxxxxxxxxxx>
