Hi Jozsef, On Fri, Dec 30, 2022 at 01:42:01PM +0100, Jozsef Kadlecsik wrote: > On Fri, 30 Dec 2022, Jozsef Kadlecsik wrote: > > > Please pull the next patches into your nf tree. > > > > - The first patch fixes a hang when 0/0 subnets is added to a > > hash:net,port,net type of set. Except hash:net,port,net and > > hash:net,iface, the set types don't support 0/0 and the auxiliary > > functions rely on this fact. So 0/0 needs a special handling in > > hash:net,port,net which was missing (hash:net,iface was not affected > > by this bug). > > - When adding/deleting large number of elements in one step in ipset, > > it can take a reasonable amount of time and can result in soft lockup > > errors. This patch is a complete rework of the previous version in order > > to use a smaller internal batch limit and at the same time removing > > the external hard limit to add arbitrary number of elements in one step. > > > > Please note, while the second patch removes half of the first patch, the > > remaining part of the first patch is still important. > > In the versions I sent the first patch was collapsed with the part for > hash:net,port,net from the second patch. So now for proper functionality > it depends on the second one. If it is not OK, just let me know! If you think this is the best course of action, then I am fine with this. Thanks for explaining.
