On Thu, Nov 21, 2019 at 06:10:21PM +0100, Stefano Brivio wrote: > If the NFTNL_SET_SUBKEY flag is passed, send one NFTA_SET_SUBKEY > attribute for each subkey_len attribute in the set description. > > Note that our internal representation, and nftables storage, for > these attributes, is 8-bit wide, but the kernel uses 32 bits. As > field length is expressed in bits, this is probably a good > compromise to keep the UAPI future-proof and memory footprint to > a minimum, for the moment being. > > This is the libnftnl counterpart for nftables patch: > src: Add support for and export NFT_SET_SUBKEY attributes > > and it has a UAPI dependency on kernel patch: > [PATCH nf-next 1/8] nf_tables: Support for subkeys, set with multiple ranged fields > > v2: > - fixed grammar in commit message > - removed copy of array bytes in nftnl_set_nlmsg_build_subkey_payload(), > we're simply passing values to htonl() (Phil Sutter) > > Signed-off-by: Stefano Brivio <sbrivio@xxxxxxxxxx> Acked-by: Phil Sutter <phil@xxxxxx>
