On Fri, Jun 14, 2019 at 02:54:32PM +0200, Phil Sutter wrote: > Hi Pablo, > > On Fri, Jun 14, 2019 at 02:36:30PM +0200, Pablo Neira Ayuso wrote: > > __CMD_FLUSH_RULESET is a dummy definition that used to skip the netlink > > dump to populate the cache. This patch is a workaround until we have a > > better infrastructure to track the state of the cache objects. > > I assumed the problem wouldn't exist anymore since we're populating the > cache just once. Can you maybe elaborate a bit on the problem you're > trying to solve with that workaround? If nft segfaults to dump the cache, 'nft flush ruleset' will not work since it always fetches the cache, it will segfault too. The flush ruleset command was still dumping the cache before this patch.
